diff --git a/jwt.go b/jwt.go
index 5a18287..0fdc330 100644
--- a/jwt.go
+++ b/jwt.go
@@ -35,6 +35,9 @@ func (m *JwtAuthMiddleware) ParseAuthHeader(ctx *gin.Context) error {
 	m.tokenString = jwtArr[1]
 	return nil
 }
+func (m *JwtAuthMiddleware) GetTokenStr() *string {
+	return &m.tokenString
+}
 
 func (m *JwtAuthMiddleware) ParseJwtToken(ctx *gin.Context) error {
 	//todo move to new res
diff --git a/middleware.go b/middleware.go
index 9ab8c6d..ecf4d6c 100644
--- a/middleware.go
+++ b/middleware.go
@@ -11,6 +11,7 @@ type Middleware interface {
 	ParseJwtToken(ctx *gin.Context) error
 	GetUser(ctx *gin.Context) (*gorf.BaseUser, error)
 	Authenticate(ctx *gin.Context) (*gorf.BaseUser, error)
+	GetTokenStr() *string
 }
 
 func AuthenticationRequiredMiddleware(ctx *gin.Context) {
diff --git a/settings.go b/settings.go
index 3c0df89..d979ec7 100644
--- a/settings.go
+++ b/settings.go
@@ -13,7 +13,7 @@ type authSettings struct {
 	UserPool       string
 	Region         string
 	UserObjId      string
-	AuthMiddleware *JwtAuthMiddleware
+	AuthMiddleware Middleware
 	JwkRes         *JwkRes
 }
 
diff --git a/urls.go b/urls.go
index 0e7bbf4..da59746 100644
--- a/urls.go
+++ b/urls.go
@@ -4,5 +4,6 @@ import "github.com/gin-gonic/gin"
 
 func Urls(r *gin.Engine) {
 	r.POST("auth/login", UserLogin)
+	r.GET("auth/logout", AuthenticationRequiredMiddleware, UserLogout)
 	r.GET("auth/protected-api", AuthenticationRequiredMiddleware, ProtectedApi)
 }
diff --git a/views.go b/views.go
index fb8e746..ff5e4f9 100644
--- a/views.go
+++ b/views.go
@@ -1,6 +1,7 @@
 package auth
 
 import (
+	"fmt"
 	"github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider"
 	"github.com/aws/aws-sdk-go-v2/service/cognitoidentityprovider/types"
 	"github.com/gin-gonic/gin"
@@ -44,7 +45,35 @@ func UserLogin(ctx *gin.Context) {
 }
 
 func ProtectedApi(ctx *gin.Context) {
+	//todo fix format
 	gorf.Response(ctx, gin.H{
 		"Status": "ok",
 	})
 }
+
+func UserLogout(ctx *gin.Context) {
+
+	err := Settings.AuthMiddleware.ParseAuthHeader(ctx)
+	if err != nil {
+		gorf.BadRequest(ctx, "error on parsing header", err)
+		return
+	}
+
+	tokenInput := &cognitoidentityprovider.RevokeTokenInput{
+		ClientId: &Settings.ClientId,
+		Token:    Settings.AuthMiddleware.GetTokenStr(),
+	}
+
+	result, err := client.RevokeToken(cognitoCtx, tokenInput)
+	if err != nil {
+		gorf.BadRequest(ctx, "failed to revoke token", err)
+		return
+	}
+
+	fmt.Println(result.ResultMetadata)
+
+	//fix format
+	gorf.Response(ctx, gin.H{
+		"Status": "logout successfully",
+	})
+}