Revoke the calling session API key + clear the session cookie.
Idempotent: an unknown / already-revoked / non-rk_* token is
silently treated as success, since the user-facing outcome (“I
am logged out”) is the same regardless of server-side state.
Cookie is unconditionally cleared so the browser stops sending
a stale value.
Documentation Index
Fetch the complete documentation index at: https://docs.roughy.ai/llms.txt
Use this file to discover all available pages before exploring further.
An API key — either a programmatic key minted via POST /api-keys or a session-class key minted by POST /auth/login / an OAuth callback. Pass it as Authorization: Bearer <token>. UI flows can omit the header — the roughy_session HttpOnly cookie set by login + OAuth callbacks is read as a fallback.
Successful Response