diff --git a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/constants/Errors.java b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/constants/Errors.java index be58c0378b2..3486aba46a1 100644 --- a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/constants/Errors.java +++ b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/constants/Errors.java @@ -35,7 +35,8 @@ public enum Errors { EXCEPTION("KER-ACP-500", "Exception occured "), ALLOWED_URL_EXCEPTION("KER-ACP-009", "url not found in allowed url's"), STATE_NULL_EXCEPTION("KER-ACP-010", "state is null or empty"), - STATE_NOT_UUID_EXCEPTION("KER-ACP-011", "state is not uuid"); + STATE_NOT_UUID_EXCEPTION("KER-ACP-011", "state is not uuid"), + UNSUPPORTED_ENCODING_EXCEPTION("KER-ACP-012", "unsupported encoding exception :"); /** * The error code diff --git a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/controller/LoginController.java b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/controller/LoginController.java index 6dfbb974cd1..972009b65bf 100644 --- a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/controller/LoginController.java +++ b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/controller/LoginController.java @@ -1,6 +1,8 @@ package io.mosip.kernel.authcodeflowproxy.api.controller; import java.io.IOException; +import java.net.URLEncoder; +import java.nio.charset.StandardCharsets; import java.util.List; import java.util.UUID; 
@@ -19,6 +21,10 @@ import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.util.UriComponentsBuilder; + +import com.auth0.jwt.JWT; +import com.auth0.jwt.interfaces.DecodedJWT; import io.mosip.kernel.authcodeflowproxy.api.constants.Errors; import io.mosip.kernel.authcodeflowproxy.api.dto.AccessTokenResponseDTO; @@ -29,6 +35,7 @@ import io.mosip.kernel.core.authmanager.model.AuthResponseDto; import io.mosip.kernel.core.http.ResponseFilter; import io.mosip.kernel.core.http.ResponseWrapper; +import io.mosip.kernel.core.util.CryptoUtil; import io.mosip.kernel.core.util.EmptyCheckUtils; @RestController 
@@ -127,14 +134,22 @@ public ResponseWrapper validateAdminToken(HttpServletRequest reque responseWrapper.setResponse(mosipUserDto); return responseWrapper; } - + @ResponseFilter - @DeleteMapping(value = "/logout/user") - public ResponseWrapper logoutUser( - @CookieValue(value = "Authorization", required = false) String token, HttpServletResponse res) { - AuthResponseDto authResponseDto = loginService.logoutUser(token); - ResponseWrapper responseWrapper = new ResponseWrapper<>(); - responseWrapper.setResponse(authResponseDto); - return responseWrapper; + @GetMapping(value = "/logout/user") + public void logoutUser( + @CookieValue(value = "Authorization", required = false) String token,@RequestParam(name = "redirecturi", required = true) String redirectURI, HttpServletResponse res) throws IOException { + redirectURI = new String(Base64.decodeBase64(redirectURI)); + if(redirectURI.contains("#")) { + redirectURI= redirectURI.split("#")[0]; + } + if(!allowedUrls.contains(redirectURI)) { + LOGGER.error("Url {} was not part of allowed url's",redirectURI); + throw new ServiceException(Errors.ALLOWED_URL_EXCEPTION.getErrorCode(), Errors.ALLOWED_URL_EXCEPTION.getErrorMessage()); + } + String uri = loginService.logoutUser(token,redirectURI); + res.setStatus(302); + res.sendRedirect(uri); } + } \ No newline at end of file diff --git a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/exception/AuthCodeProxyExceptionHandler.java b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/exception/AuthCodeProxyExceptionHandler.java index b6777ce6978..97a5b85209b 100644 --- a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/exception/AuthCodeProxyExceptionHandler.java +++ b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/exception/AuthCodeProxyExceptionHandler.java 
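Review bot: In the new `logoutUser`, `redirectURI.split("#")[0]` throws ArrayIndexOutOfBoundsException when the decoded value consists only of `#` characters, because `String.split` drops trailing empty strings; that input fails before the allow-list check, so the caller likely gets a generic error instead of KER-ACP-009. Cutting at the first fragment marker avoids it: `int hash = redirectURI.indexOf('#'); if (hash >= 0) { redirectURI = redirectURI.substring(0, hash); }`. The decode on the line above uses the platform charset; `new String(Base64.decodeBase64(redirectURI), StandardCharsets.UTF_8)` keeps the allow-list comparison identical across hosts. The rejected value is request-controlled and is written verbatim by `LOGGER.error`, so CR and LF should be stripped or replaced before it is logged. The mapping also moved from DELETE to GET, which means any cross-site navigation or embedded resource request can now start a logout; if that is not intended, the endpoint needs a state or CSRF check.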
@@ -11,6 +11,7 @@ import org.springframework.core.annotation.Order; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.authentication.AuthenticationServiceException; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.RestControllerAdvice; import org.springframework.web.util.ContentCachingRequestWrapper; @@ -48,6 +49,14 @@ public ResponseEntity> servieException( return new ResponseEntity<>( getErrorResponse(httpServletRequest, e.getErrorCode(), e.getErrorText()), HttpStatus.OK); } + + @ExceptionHandler(AuthenticationServiceException.class) + public ResponseEntity> servieException( + HttpServletRequest httpServletRequest, final AuthenticationServiceException e) throws IOException { + ExceptionUtils.logRootCause(e); + return new ResponseEntity<>( + getErrorResponse(httpServletRequest,Errors.INVALID_TOKEN.getErrorCode(), e.getMessage()), HttpStatus.OK); + } @ExceptionHandler(AuthRestException.class) public ResponseEntity> authRestException( diff --git a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/LoginService.java b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/LoginService.java index 021ac39575c..1d739234238 100644 --- a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/LoginService.java +++ b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/LoginService.java @@ -6,7 +6,6 @@ import io.mosip.kernel.authcodeflowproxy.api.dto.AccessTokenResponseDTO; import io.mosip.kernel.authcodeflowproxy.api.dto.MosipUserDto; -import io.mosip.kernel.core.authmanager.model.AuthResponseDto; public interface LoginService { 
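Review bot: The new AuthenticationServiceException handler returns `e.getMessage()` to the client verbatim, so any thrower that puts internal detail in the message will have it echoed in the response body; the only thrower visible in this commit passes `Errors.INVALID_TOKEN.getErrorMessage()`, and using that constant here as well keeps the response fixed while `ExceptionUtils.logRootCause(e)` retains the detail server-side. The handler answers an authentication failure with `HttpStatus.OK`, which matches the neighbouring ServiceException handler but means clients and monitoring can only detect the failure by parsing the body; `HttpStatus.UNAUTHORIZED` is the conventional status if the API contract allows it. As a style point, the method overloads the misspelled name `servieException`; a distinct name such as `authenticationServiceException` would sit better next to `authRestException`.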
@@ -20,7 +19,7 @@ public interface LoginService { AccessTokenResponseDTO loginRedirect(String state, String sessionState, String code, String stateCookie, String redirectURI); - AuthResponseDto logoutUser(String token); + String logoutUser(String token, String redirectURI); } diff --git a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/impl/LoginServiceImpl.java b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/impl/LoginServiceImpl.java index 9120d2a9d10..2db2f7ad1ac 100644 --- a/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/impl/LoginServiceImpl.java +++ b/kernel/kernel-authcodeflowproxy-api/src/main/java/io/mosip/kernel/authcodeflowproxy/api/service/impl/LoginServiceImpl.java @@ -1,6 +1,9 @@ package io.mosip.kernel.authcodeflowproxy.api.service.impl; import java.io.IOException; +import java.io.UnsupportedEncodingException; +import java.net.URLEncoder; +import java.nio.charset.StandardCharsets; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -30,7 +33,6 @@ import io.mosip.kernel.authcodeflowproxy.api.constants.Constants; import io.mosip.kernel.authcodeflowproxy.api.constants.Errors; -import io.mosip.kernel.authcodeflowproxy.api.constants.IAMConstants; import io.mosip.kernel.authcodeflowproxy.api.dto.AccessTokenResponse; import io.mosip.kernel.authcodeflowproxy.api.dto.AccessTokenResponseDTO; import io.mosip.kernel.authcodeflowproxy.api.dto.IAMErrorResponseDto; 
@@ -39,7 +41,6 @@ import io.mosip.kernel.authcodeflowproxy.api.exception.ClientException; import io.mosip.kernel.authcodeflowproxy.api.exception.ServiceException; import io.mosip.kernel.authcodeflowproxy.api.service.LoginService; -import io.mosip.kernel.core.authmanager.model.AuthResponseDto; import io.mosip.kernel.core.exception.ExceptionUtils; import io.mosip.kernel.core.exception.ServiceError; import io.mosip.kernel.core.http.ResponseWrapper; @@ -89,6 +90,14 @@ public class LoginServiceImpl implements LoginService { @Value("${auth.server.admin.validate.url}") private String validateUrl; + + + @Value("${mosip.iam.post-logout-uri-param-key:post_logout_redirect_uri}") + private String postLogoutRedirectURIParamKey; + + @Value("${mosip.iam.end-session-endpoint-path:/protocol/openid-connect/logout}") + private String endSessionEndpointPath; + @Autowired private RestTemplate restTemplate; @@ -96,14 +105,6 @@ public class LoginServiceImpl implements LoginService { @Autowired private ObjectMapper objectMapper; - private static final String LOG_OUT_FAILED = "log out failed"; - - private static final String FAILED = "Failed"; - - private static final String SUCCESS = "Success"; - - private static final String SUCCESSFULLY_LOGGED_OUT = "successfully loggedout"; - @Override public String login(String redirectURI, String state) { Map pathParam = new HashMap<>(); 
@@ -225,35 +226,21 @@ private IAMErrorResponseDto parseKeyClockErrorResponse(HttpStatusCodeException e } @Override - public AuthResponseDto logoutUser(String token) { + public String logoutUser(String token,String redirectURI) { if (EmptyCheckUtils.isNullEmpty(token)) { throw new AuthenticationServiceException(Errors.INVALID_TOKEN.getErrorMessage()); } - Map pathparams = new HashMap<>(); String issuer = getissuer(token); - ResponseEntity response = null; - AuthResponseDto authResponseDto = new AuthResponseDto(); - StringBuilder urlBuilder = new StringBuilder().append(issuer).append("/protocol/openid-connect/logout"); - UriComponentsBuilder uriComponentsBuilder = UriComponentsBuilder.fromUriString(urlBuilder.toString()) - .queryParam(IAMConstants.ID_TOKEN_HINT, token); - + StringBuilder urlBuilder = new StringBuilder().append(issuer).append(endSessionEndpointPath); + UriComponentsBuilder uriComponentsBuilder; try { - response = restTemplate.getForEntity(uriComponentsBuilder.buildAndExpand(pathparams).toUriString(), - String.class); - - } catch (HttpClientErrorException | HttpServerErrorException e) { - throw new ServiceException(Errors.REST_EXCEPTION.getErrorCode(), - Errors.REST_EXCEPTION.getErrorMessage() + e.getResponseBodyAsString()); - } - - if (response.getStatusCode().is2xxSuccessful()) { - authResponseDto.setMessage(SUCCESSFULLY_LOGGED_OUT); - authResponseDto.setStatus(SUCCESS); - } else { - authResponseDto.setMessage(LOG_OUT_FAILED); - authResponseDto.setStatus(FAILED); + uriComponentsBuilder = UriComponentsBuilder.fromUriString(urlBuilder.toString()) + .queryParam(postLogoutRedirectURIParamKey, URLEncoder.encode(redirectURI, StandardCharsets.UTF_8.toString())); + } catch (UnsupportedEncodingException e) { + throw new ServiceException(Errors.UNSUPPORTED_ENCODING_EXCEPTION.getErrorCode(), + Errors.UNSUPPORTED_ENCODING_EXCEPTION.getErrorMessage() + Constants.WHITESPACE + e.getMessage()); } - return authResponseDto; + return 
uriComponentsBuilder.build().toString(); } public String getissuer(String token) { diff --git a/kernel/kernel-authcodeflowproxy-api/src/test/java/io/mosip/kernel/authcodeflowproxy/api/test/controller/AuthProxyControllerTests.java b/kernel/kernel-authcodeflowproxy-api/src/test/java/io/mosip/kernel/authcodeflowproxy/api/test/controller/AuthProxyControllerTests.java index 979cec2a27d..c5df1d8cb12 100644 --- a/kernel/kernel-authcodeflowproxy-api/src/test/java/io/mosip/kernel/authcodeflowproxy/api/test/controller/AuthProxyControllerTests.java +++ b/kernel/kernel-authcodeflowproxy-api/src/test/java/io/mosip/kernel/authcodeflowproxy/api/test/controller/AuthProxyControllerTests.java @@ -42,16 +42,19 @@ import io.mosip.kernel.authcodeflowproxy.api.test.AuthProxyFlowTestBootApplication; import io.mosip.kernel.core.exception.ServiceError; import io.mosip.kernel.core.http.ResponseWrapper; +import io.mosip.kernel.core.util.CryptoUtil; @SpringBootTest(classes = { AuthProxyFlowTestBootApplication.class }) @RunWith(SpringRunner.class) @AutoConfigureMockMvc public class AuthProxyControllerTests { - @Value("${auth.server.admin.validate.url}") private String validateUrl; - + + @Value("${mosip.iam.post-logout-uri-param-key}") + private String postLogoutRedirectURIParamKey; + @Autowired private RestTemplate restTemplate; @@ -60,7 +63,7 @@ public class AuthProxyControllerTests { @Before public void init() { mockServer = MockRestServiceServer.createServer(restTemplate); - + } @Autowired @@ -69,7 +72,6 @@ public void init() { @Autowired private ObjectMapper objectMapper; - @Test public void validateTokenTest() throws Exception { ResponseWrapper responseWrapper = new ResponseWrapper(); 
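Review bot: The host of the URL returned by the rewritten `logoutUser` comes from `getissuer(token)`, and the controller passes that URL straight to `res.sendRedirect`, so the redirect target is only as trustworthy as the issuer read from the cookie value. `getissuer`'s body is outside this hunk; if it decodes the JWT without verifying the signature, the issuer should be compared with the configured IAM base URL (`mosip.iam.base-url` in the test properties) before the URL is built, and a mismatch rejected with `Errors.INVALID_TOKEN`. The rewrite also drops the `id_token_hint` parameter that the removed code sent; OpenID Connect RP-Initiated Logout recommends it, and some providers may not honour `post_logout_redirect_uri` without it or a `client_id`, so this is worth confirming against the target IAM version. A short Javadoc on the method stating that it now returns the end-session URL and no longer calls the IAM server itself would help callers of the changed interface.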
@@ -79,132 +81,89 @@ public void validateTokenTest() throws Exception { mosipUserDto.setMobile("9999999999"); mosipUserDto.setRole("MOCK-ROLE"); responseWrapper.setResponse(mosipUserDto); - - - mockServer.expect(ExpectedCount.once(), - requestTo(new URI(validateUrl))) - .andExpect(method(HttpMethod.GET)) - .andRespond(withStatus(HttpStatus.OK) - .contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(responseWrapper))); + + mockServer.expect(ExpectedCount.once(), requestTo(new URI(validateUrl))).andExpect(method(HttpMethod.GET)) + .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) + .body(objectMapper.writeValueAsString(responseWrapper))); Cookie cookie = new Cookie("Authorization", "mock_access_token"); - mockMvc.perform(get("/authorize/admin/validateToken").contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().isOk()) - .andExpect(jsonPath("$.response.userId", is("mock-user"))); + mockMvc.perform(get("/authorize/admin/validateToken").contentType(MediaType.APPLICATION_JSON).cookie(cookie)) + .andExpect(status().isOk()).andExpect(jsonPath("$.response.userId", is("mock-user"))); } - + @Test public void validateTokenHttpClientExceptionTest() throws Exception { ResponseWrapper responseWrapper = new ResponseWrapper(); - ServiceError serviceError = new ServiceError("KER-ATH-401", "un auth"); + ServiceError serviceError = new ServiceError("KER-ATH-401", "un auth"); List serviceErrors = new ArrayList<>(); serviceErrors.add(serviceError); responseWrapper.setErrors(serviceErrors); - mockServer.expect(ExpectedCount.once(), - requestTo(new URI(validateUrl))) - .andExpect(method(HttpMethod.GET)) - .andRespond(withStatus(HttpStatus.UNAUTHORIZED) - .contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(responseWrapper))); + mockServer.expect(ExpectedCount.once(), requestTo(new URI(validateUrl))).andExpect(method(HttpMethod.GET)) + 
.andRespond(withStatus(HttpStatus.UNAUTHORIZED).contentType(MediaType.APPLICATION_JSON) + .body(objectMapper.writeValueAsString(responseWrapper))); Cookie cookie = new Cookie("Authorization", "mock_access_token"); - mockMvc.perform(get("/authorize/admin/validateToken").contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().isUnauthorized()) - .andExpect(jsonPath("$.errors[0].errorCode", is("KER-ATH-401"))); + mockMvc.perform(get("/authorize/admin/validateToken").contentType(MediaType.APPLICATION_JSON).cookie(cookie)) + .andExpect(status().isUnauthorized()).andExpect(jsonPath("$.errors[0].errorCode", is("KER-ATH-401"))); } - + @Test public void validateTokenInternalServerTest() throws Exception { ResponseWrapper responseWrapper = new ResponseWrapper(); - ServiceError serviceError = new ServiceError("KER-ATH-401", "un auth"); + ServiceError serviceError = new ServiceError("KER-ATH-401", "un auth"); List serviceErrors = new ArrayList<>(); serviceErrors.add(serviceError); responseWrapper.setErrors(serviceErrors); - mockServer.expect(ExpectedCount.once(), - requestTo(new URI(validateUrl))) - .andExpect(method(HttpMethod.GET)) - .andRespond(withStatus(HttpStatus.INTERNAL_SERVER_ERROR) - .contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString("internal server error"))); + mockServer.expect(ExpectedCount.once(), requestTo(new URI(validateUrl))).andExpect(method(HttpMethod.GET)) + .andRespond(withStatus(HttpStatus.INTERNAL_SERVER_ERROR).contentType(MediaType.APPLICATION_JSON) + .body(objectMapper.writeValueAsString("internal server error"))); Cookie cookie = new Cookie("Authorization", "mock_access_token"); - mockMvc.perform(get("/authorize/admin/validateToken").contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().isOk()) + mockMvc.perform(get("/authorize/admin/validateToken").contentType(MediaType.APPLICATION_JSON).cookie(cookie)) + .andExpect(status().isOk()) .andExpect(jsonPath("$.errors[0].errorCode", 
is(Errors.REST_EXCEPTION.getErrorCode()))); } - + @Test public void validateTokenErrorResponseTest() throws Exception { ResponseWrapper responseWrapper = new ResponseWrapper(); - List errors =new ArrayList<>(); - ServiceError error= new ServiceError("MOCKERRORCODE", "MOCKERROR"); - errors.add(error); + List errors = new ArrayList<>(); + ServiceError error = new ServiceError("MOCKERRORCODE", "MOCKERROR"); + errors.add(error); responseWrapper.setErrors(errors); - mockServer.expect(ExpectedCount.once(), - requestTo(new URI(validateUrl))) - .andExpect(method(HttpMethod.GET)) - .andRespond(withStatus(HttpStatus.OK) - .contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(responseWrapper))); + mockServer.expect(ExpectedCount.once(), requestTo(new URI(validateUrl))).andExpect(method(HttpMethod.GET)) + .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) + .body(objectMapper.writeValueAsString(responseWrapper))); Cookie cookie = new Cookie("Authorization", "mock_access_token"); - mockMvc.perform(get("/authorize/admin/validateToken").contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().isOk()) - .andExpect(jsonPath("$.errors[0].errorCode", is("MOCKERRORCODE"))); + mockMvc.perform(get("/authorize/admin/validateToken").contentType(MediaType.APPLICATION_JSON).cookie(cookie)) + .andExpect(status().isOk()).andExpect(jsonPath("$.errors[0].errorCode", is("MOCKERRORCODE"))); } - + @Test public void logoutTest() throws Exception { - ResponseWrapper responseWrapper = new ResponseWrapper(); - MosipUserDto mosipUserDto = new MosipUserDto(); - mosipUserDto.setUserId("mock-user"); - mosipUserDto.setMail("mock-user@mosip.io"); - mosipUserDto.setMobile("9999999999"); - mosipUserDto.setRole("MOCK-ROLE"); - responseWrapper.setResponse(mosipUserDto); - - String 
mockToken="eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJzNmYxcDYwYWVDTTBrNy1NaW9sN0Zib2FTdXlRYm95UC03S1RUTmVWLWZNIn0.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.xZq1m3mBTEvFDENKFOI59QsSl3sd_TSDNbhTAOq4x_x_4voPc4hh08gIxUdsVHfXY4T0P8DdZ1xNt8xd1VWc33Hc4b_3kK7ksGY4wwqtb0-pDLQGajCGuG6vebC1rYcjsGRbJ1Gnrj_F2RNY4Ky6Nq5SAJ1Lh_NVKNKFghAXb3YrlmqlmCB1fCltC4XBqNnF5_k4uzLCu_Wr0lt_M87X97DktaRGLOD2_HY1Ire9YPsWkoO8y7X_DRCY59yQDVgYs2nAiR6Am-c55Q0fEQ0HuB4IJHlhtMHm27dXPdOEhFhR8ZPOyeO6ZIcIm0ZTDjusrruqWy2_yO5fe3XIHkCOAw"; - mockServer.expect(ExpectedCount.once(), - requestTo(new URI("https://dev.mosip.net/keycloak/auth/realms/mosip/protocol/openid-connect/logout?id_token_hint="+mockToken))) - .andExpect(method(HttpMethod.GET)) - .andRespond(withStatus(HttpStatus.OK)); + String mockToken = "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJzNmYxcDYwYWVDTTBrNy1NaW9sN0Zib2FTdXlRYm95UC03S1RUTmVWLWZNIn0.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.xZq1m3mBTEvFDENKFOI59QsSl3sd_TSDNbhTAOq4x_x_4voPc4hh08gIxUdsVHfXY4T0P8DdZ1xNt8xd1VWc33Hc4b_3kK7ksGY4wwqtb0-pDLQGajCGuG6vebC1rYcjsGRbJ1Gnrj_F2RNY4Ky6Nq5SAJ1Lh_NVKNKFghAXb3YrlmqlmCB1fCltC4XBqNnF5_k4uzLCu_Wr0lt_M87X97DktaRGLOD2_HY1Ire9YPsWkoO8y7X_DRCY59yQDVgYs2nAiR6Am-c55Q0fEQ0HuB4IJHlhtMHm27dXPdOEhFhR8ZPOyeO6ZIcIm0ZTDjusrruqWy2_yO5fe3XIHkCOAw"; Cookie cookie = new Cookie("Authorization", mockToken); - mockMvc.perform(delete("/logout/user").contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().isOk()) - .andExpect(jsonPath("$.response.status", is("Success"))); + mockMvc.perform(get( + "/logout/user?redirecturi=" + CryptoUtil.encodeToURLSafeBase64("http://localhost:5000/".getBytes())) + .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) + .andExpect(status().is3xxRedirection()); } - - + + @Test public void logoutNullTokenTest() throws Exception { - ResponseWrapper responseWrapper = new ResponseWrapper(); - MosipUserDto mosipUserDto = new MosipUserDto(); - mosipUserDto.setUserId("mock-user"); - 
mosipUserDto.setMail("mock-user@mosip.io"); - mosipUserDto.setMobile("9999999999"); - mosipUserDto.setRole("MOCK-ROLE"); - responseWrapper.setResponse(mosipUserDto); - - String mockToken="eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJzNmYxcDYwYWVDTTBrNy1NaW9sN0Zib2FTdXlRYm95UC03S1RUTmVWLWZNIn0.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.xZq1m3mBTEvFDENKFOI59QsSl3sd_TSDNbhTAOq4x_x_4voPc4hh08gIxUdsVHfXY4T0P8DdZ1xNt8xd1VWc33Hc4b_3kK7ksGY4wwqtb0-pDLQGajCGuG6vebC1rYcjsGRbJ1Gnrj_F2RNY4Ky6Nq5SAJ1Lh_NVKNKFghAXb3YrlmqlmCB1fCltC4XBqNnF5_k4uzLCu_Wr0lt_M87X97DktaRGLOD2_HY1Ire9YPsWkoO8y7X_DRCY59yQDVgYs2nAiR6Am-c55Q0fEQ0HuB4IJHlhtMHm27dXPdOEhFhR8ZPOyeO6ZIcIm0ZTDjusrruqWy2_yO5fe3XIHkCOAw"; - mockServer.expect(ExpectedCount.once(), - requestTo(new URI("https://dev.mosip.net/keycloak/auth/realms/mosip/protocol/openid-connect/logout?id_token_hint="+mockToken))) - .andExpect(method(HttpMethod.GET)) - .andRespond(withStatus(HttpStatus.OK)); - mockMvc.perform(delete("/logout/user").contentType(MediaType.APPLICATION_JSON)) - .andExpect(jsonPath("$.errors[0].errorCode", is("KER-ACP-500")));; + mockMvc.perform(get( + "/logout/user?redirecturi=" + CryptoUtil.encodeToURLSafeBase64("http://localhost:5000/".getBytes())) + .contentType(MediaType.APPLICATION_JSON)) + .andExpect(jsonPath("$.errors[0].errorCode", is(Errors.INVALID_TOKEN.getErrorCode()))); } - + @Test public void logoutServerErrorTokenTest() throws Exception { - ResponseWrapper responseWrapper = new ResponseWrapper(); - MosipUserDto mosipUserDto = new MosipUserDto(); - mosipUserDto.setUserId("mock-user"); - mosipUserDto.setMail("mock-user@mosip.io"); - mosipUserDto.setMobile("9999999999"); - mosipUserDto.setRole("MOCK-ROLE"); - responseWrapper.setResponse(mosipUserDto); - - String 
mockToken="eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJzNmYxcDYwYWVDTTBrNy1NaW9sN0Zib2FTdXlRYm95UC03S1RUTmVWLWZNIn0.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.xZq1m3mBTEvFDENKFOI59QsSl3sd_TSDNbhTAOq4x_x_4voPc4hh08gIxUdsVHfXY4T0P8DdZ1xNt8xd1VWc33Hc4b_3kK7ksGY4wwqtb0-pDLQGajCGuG6vebC1rYcjsGRbJ1Gnrj_F2RNY4Ky6Nq5SAJ1Lh_NVKNKFghAXb3YrlmqlmCB1fCltC4XBqNnF5_k4uzLCu_Wr0lt_M87X97DktaRGLOD2_HY1Ire9YPsWkoO8y7X_DRCY59yQDVgYs2nAiR6Am-c55Q0fEQ0HuB4IJHlhtMHm27dXPdOEhFhR8ZPOyeO6ZIcIm0ZTDjusrruqWy2_yO5fe3XIHkCOAw"; - mockServer.expect(ExpectedCount.once(), - requestTo(new URI("https://dev.mosip.net/keycloak/auth/realms/mosip/protocol/openid-connect/logout?id_token_hint="+mockToken))) - .andExpect(method(HttpMethod.GET)) - .andRespond(withStatus(HttpStatus.BAD_REQUEST)); + + String mockToken = "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJzNmYxcDYwYWVDTTBrNy1NaW9sN0Zib2FTdXlRYm95UC03S1RUTmVWLWZNIn0.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.xZq1m3mBTEvFDENKFOI59QsSl3sd_TSDNbhTAOq4x_x_4voPc4hh08gIxUdsVHfXY4T0P8DdZ1xNt8xd1VWc33Hc4b_3kK7ksGY4wwqtb0-pDLQGajCGuG6vebC1rYcjsGRbJ1Gnrj_F2RNY4Ky6Nq5SAJ1Lh_NVKNKFghAXb3YrlmqlmCB1fCltC4XBqNnF5_k4uzLCu_Wr0lt_M87X97DktaRGLOD2_HY1Ire9YPsWkoO8y7X_DRCY59yQDVgYs2nAiR6Am-c55Q0fEQ0HuB4IJHlhtMHm27dXPdOEhFhR8ZPOyeO6ZIcIm0ZTDjusrruqWy2_yO5fe3XIHkCOAw"; Cookie cookie = new Cookie("Authorization", mockToken); - mockMvc.perform(delete("/logout/user").contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().isOk()) - .andExpect(jsonPath("$.errors[0].errorCode", isA(String.class))); + mockMvc.perform(get( + "/logout/user?redirecturi=" + CryptoUtil.encodeToURLSafeBase64("http://localhost:2000/".getBytes())).contentType(MediaType.APPLICATION_JSON).cookie(cookie)) + .andExpect(status().isOk()).andExpect(jsonPath("$.errors[0].errorCode", is(Errors.ALLOWED_URL_EXCEPTION.getErrorCode()))); } - + @Test public void loginTest() throws Exception { 
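Review bot: `logoutTest` only asserts `status().is3xxRedirection()`, so it would still pass if the redirect pointed somewhere other than the IAM end-session endpoint or omitted the post-logout parameter; asserting the header, for example `.andExpect(header().string("Location", containsString(postLogoutRedirectURIParamKey + "=")))`, would pin the behaviour and give the newly injected `postLogoutRedirectURIParamKey` field a use (it is not referenced in the visible hunks). `logoutServerErrorTokenTest` now exercises the disallowed-redirect path and expects `ALLOWED_URL_EXCEPTION`, so a name such as `logoutDisallowedRedirectUriTest` would describe it. There is no visible case for a `redirecturi` that carries a fragment or decodes to only `#`, both of which the controller treats specially. `"http://localhost:5000/".getBytes()` relies on the platform charset; `getBytes(StandardCharsets.UTF_8)` is the safer form.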
@@ -212,94 +171,112 @@ public void loginTest() throws Exception { Cookie cookie = new Cookie("state", UUID.randomUUID().toString()); mockMvc.perform(get("/login/abc").contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().is3xxRedirection()); } - + + @Test - public void logoutRedirectTest() throws Exception { + public void loginRedirectTest() throws Exception { AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); accessTokenResponse.setAccess_token("mock-access-token"); accessTokenResponse.setExpires_in("111"); - - mockServer.expect(ExpectedCount.once(), - requestTo(new URI("http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK) - .contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); + + mockServer + .expect(ExpectedCount.once(), + requestTo(new URI( + "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) + .andExpect(method(HttpMethod.POST)) + .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) + .body(objectMapper.writeValueAsString(accessTokenResponse))); Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get("/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode").contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().is3xxRedirection()); + mockMvc.perform(get( + "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLw==?state=mockstate&session_state=mock-session-state&code=mockcode") + .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) + .andExpect(status().is3xxRedirection()); } - - + @Test - public void logoutRedirectTestWithHash() throws Exception { + public void loginRedirectTestWithHash() throws Exception { AccessTokenResponse accessTokenResponse = new AccessTokenResponse(); 
accessTokenResponse.setAccess_token("mock-access-token"); accessTokenResponse.setExpires_in("111"); - - mockServer.expect(ExpectedCount.once(), - requestTo(new URI("http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK) - .contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); + + mockServer + .expect(ExpectedCount.once(), + requestTo(new URI( + "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) + .andExpect(method(HttpMethod.POST)) + .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) + .body(objectMapper.writeValueAsString(accessTokenResponse))); Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get("/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLyMvcmFuZG9tcGF0bS9yYW5kb21wYXRo?state=mockstate&session_state=mock-session-state&code=mockcode").contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().is3xxRedirection()); + mockMvc.perform(get( + "/login-redirect/aHR0cDovL2xvY2FsaG9zdDo1MDAwLyMvcmFuZG9tcGF0bS9yYW5kb21wYXRo?state=mockstate&session_state=mock-session-state&code=mockcode") + .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) + .andExpect(status().is3xxRedirection()); } - + @Test - public void logoutServerExceptionRedirectTest() throws Exception { + public void loginServerExceptionRedirectTest() throws Exception { IAMErrorResponseDto errorResponseDto = new IAMErrorResponseDto(); errorResponseDto.setError("seerver error"); errorResponseDto.setError_description("sending mock error"); - - mockServer.expect(ExpectedCount.once(), - requestTo(new URI("http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.INTERNAL_SERVER_ERROR) - .contentType(MediaType.APPLICATION_JSON) - 
.body(objectMapper.writeValueAsString(errorResponseDto))); + + mockServer + .expect(ExpectedCount.once(), + requestTo(new URI( + "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) + .andExpect(method(HttpMethod.POST)) + .andRespond(withStatus(HttpStatus.INTERNAL_SERVER_ERROR).contentType(MediaType.APPLICATION_JSON) + .body(objectMapper.writeValueAsString(errorResponseDto))); Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get("/login-redirect/abc?state=mockstate&session_state=mock-session-state&code=mockcode").contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().is2xxSuccessful()).andExpect(jsonPath("$.errors[0].message", isA(String.class))); + mockMvc.perform(get("/login-redirect/abc?state=mockstate&session_state=mock-session-state&code=mockcode") + .contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().is2xxSuccessful()) + .andExpect(jsonPath("$.errors[0].message", isA(String.class))); } - + @Test public void loginUUIDEmptyTest() throws Exception { - //http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/auth?client_id=mosip-admin-client&redirect_uri=http://localhost:8082/v1/admin/login-redirect/abc&state=mock-state&response_type=code&scope=cls + // http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/auth?client_id=mosip-admin-client&redirect_uri=http://localhost:8082/v1/admin/login-redirect/abc&state=mock-state&response_type=code&scope=cls Cookie cookie = new Cookie("state", ""); - mockMvc.perform(get("/login/abc").contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().isOk()).andExpect(jsonPath("$.errors[0].errorCode", is(Errors.STATE_NULL_EXCEPTION.getErrorCode()))); + mockMvc.perform(get("/login/abc").contentType(MediaType.APPLICATION_JSON).cookie(cookie)) + .andExpect(status().isOk()) + .andExpect(jsonPath("$.errors[0].errorCode", is(Errors.STATE_NULL_EXCEPTION.getErrorCode()))); } - + @Test public void 
loginUUIDNullTest() throws Exception { - //http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/auth?client_id=mosip-admin-client&redirect_uri=http://localhost:8082/v1/admin/login-redirect/abc&state=mock-state&response_type=code&scope=cls - mockMvc.perform(get("/login/abc").contentType(MediaType.APPLICATION_JSON)).andExpect(status().isOk()).andExpect(jsonPath("$.errors[0].errorCode", is(Errors.STATE_NULL_EXCEPTION.getErrorCode()))); + // http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/auth?client_id=mosip-admin-client&redirect_uri=http://localhost:8082/v1/admin/login-redirect/abc&state=mock-state&response_type=code&scope=cls + mockMvc.perform(get("/login/abc").contentType(MediaType.APPLICATION_JSON)).andExpect(status().isOk()) + .andExpect(jsonPath("$.errors[0].errorCode", is(Errors.STATE_NULL_EXCEPTION.getErrorCode()))); } - + @Test public void loginInvalidUUIDTest() throws Exception { - //http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/auth?client_id=mosip-admin-client&redirect_uri=http://localhost:8082/v1/admin/login-redirect/abc&state=mock-state&response_type=code&scope=cls + // http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/auth?client_id=mosip-admin-client&redirect_uri=http://localhost:8082/v1/admin/login-redirect/abc&state=mock-state&response_type=code&scope=cls Cookie cookie = new Cookie("state", "abc/nabc"); - mockMvc.perform(get("/login/abc").contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().isOk()).andExpect(jsonPath("$.errors[0].errorCode", is(Errors.STATE_NOT_UUID_EXCEPTION.getErrorCode()))); + mockMvc.perform(get("/login/abc").contentType(MediaType.APPLICATION_JSON).cookie(cookie)) + .andExpect(status().isOk()) + .andExpect(jsonPath("$.errors[0].errorCode", is(Errors.STATE_NOT_UUID_EXCEPTION.getErrorCode()))); } - - - - + @Test public void logoutRedirectHostCheckTest() throws Exception { AccessTokenResponse accessTokenResponse = new 
AccessTokenResponse(); accessTokenResponse.setAccess_token("mock-access-token"); accessTokenResponse.setExpires_in("111"); - - mockServer.expect(ExpectedCount.once(), - requestTo(new URI("http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) - .andExpect(method(HttpMethod.POST)) - .andRespond(withStatus(HttpStatus.OK) - .contentType(MediaType.APPLICATION_JSON) - .body(objectMapper.writeValueAsString(accessTokenResponse))); + + mockServer + .expect(ExpectedCount.once(), + requestTo(new URI( + "http://localhost:8080/keycloak/auth/realms/mosip/protocol/openid-connect/token"))) + .andExpect(method(HttpMethod.POST)) + .andRespond(withStatus(HttpStatus.OK).contentType(MediaType.APPLICATION_JSON) + .body(objectMapper.writeValueAsString(accessTokenResponse))); Cookie cookie = new Cookie("state", "mockstate"); - mockMvc.perform(get("/login-redirect/aHR0cDovL2FiOjUwMDAv?state=mockstate&session_state=mock-session-state&code=mockcode").contentType(MediaType.APPLICATION_JSON).cookie(cookie)).andExpect(status().isOk()).andExpect(jsonPath("$.errors[0].errorCode", is(Errors.ALLOWED_URL_EXCEPTION.getErrorCode())));; + mockMvc.perform(get( + "/login-redirect/aHR0cDovL2FiOjUwMDAv?state=mockstate&session_state=mock-session-state&code=mockcode") + .contentType(MediaType.APPLICATION_JSON).cookie(cookie)) + .andExpect(status().isOk()) + .andExpect(jsonPath("$.errors[0].errorCode", is(Errors.ALLOWED_URL_EXCEPTION.getErrorCode()))); + ; } - } diff --git a/kernel/kernel-authcodeflowproxy-api/src/test/resources/application-test.properties b/kernel/kernel-authcodeflowproxy-api/src/test/resources/application-test.properties index 9ef680b7db7..ccdc42f4d1e 100644 --- a/kernel/kernel-authcodeflowproxy-api/src/test/resources/application-test.properties +++ b/kernel/kernel-authcodeflowproxy-api/src/test/resources/application-test.properties 
@@ -39,4 +39,6 @@ mosip.iam.base-url=http://localhost:8080/keycloak mosip.iam.authorization_endpoint=${mosip.iam.base-url}/auth/realms/{realmId}/protocol/openid-connect/auth mosip.iam.token_endpoint=${mosip.iam.base-url}/auth/realms/{realmId}/protocol/openid-connect/token auth.allowed.urls=http://localhost:5000/ +mosip.iam.post-logout-uri-param-key=post_logout_redirect_uri +mosip.iam.end-session-endpoint-path=/protocol/openid-connect/logout