I have a bunch of .NET “jobs” that sync and pull data from Acumatica for use in an external eCommerce website.
I often hit the login rate limit error and have been told to make sure I log out after each iteration.
I call the /identity/connect/token endpoint and pass in my client_id, secret, API Username and API Password with the grant type of password. It's a typical OAuth flow.

In testing via Postman, I logged in, did a simple GET query to return some data, then called the logout endpoint (with my bearer token). It returns a 204 success status code.
/entity/auth/logout
The issue is, I can go back and call the GET query to return some data. I would expect that my bearer token would be invalidated and that GET call would fail. However, it still works. This leads me to believe that I am not truly being logged out.
I am reading that I need to pass in a cookie to the logout call, but I can’t really find out how that works. I am not used to working with cookies in a typical OAuth pattern.
Can someone point me in the right direction? If I can get this to work...I will add in the Logout method to all my logic and it should hopefully resolve those rate limit errors.
Thank you in advance!
Best answer by Dmitrii Naumov