#refresh_token is required in either the JSON payload or Cookie | SOLVED

I have this error when i try to logout with the SDK. I try to modify the .env with true and none as the known solution, but with the latest version of directus it seems not to work. Anybody has an idea?

I didn't understand the second part of your question. But from the error it seems like the refresh_token is missing in your call to the logout endpoint. Can you show how you create the the directus instance and how you use it to logout?

Thank for the reply. I work with next js. and here is the instance ```import { Directus } from "@directus/sdk";
import getConfig from "next/config";

const { publicRuntimeConfig } = getConfig();

const { url } = publicRuntimeConfig;

const directus = new Directus(url);

export default directus;

the logout is in my navbar with an onclick function const logout = async () => { await directus.auth.logout(); setToken(null); setIsAuthenticated(false); };

Everything works fine except for the disconnection because of this well-known error that I can't fix with this version.

Maybe, as a workaround, you can just send the request using fetch?

const response = await fetch(
      `${url}/auth/logout`,
      {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json'
        },
        body: JSON.stringify({ refreshToken: token })
      }
    );

but where do I find the refresh token with the SDK ? I only have the token right?

Both tokens should be returned in your call to directus.auth.login()

Just tried but get only accces_token

I need to precise that I have other directus on another VPS with older version of directus and for at least one of them IT works

Only with the SDK i don't have to get the refresh

could it be some permission on the vps like from mysql or the directus folder for example?

Hm that's strange because the auth/login endpoint contains the refresh token

Maybe this is related: https://github.com/directus/directus/issues/12458

It help to find the refresh token in header but I just realize that It seems when i'm logged I haven't the permission of the current user role, like if it's a public role. Need to confirm that. But i will investigate deeper. BTW thanks for all your help

I really thank you for your help, I found the solution ******. My friend configured his project in http and not in https... So https solved our problem.