Which HTTP method should Login and Logout Actions use in a “RESTful” setup

Question

Curious how others here would represent these in a REST architecture.

/users/login/
/users/logout/

These endpoints set up the session to lo

Answer 1

You should use POST - using GET for these actions can lead to issues with browser prefetching and search engine spidering. See (1, 2)