diff --git a/account/jwt.go b/account/jwt.go
index 27f530a..0ac7c1b 100644
--- a/account/jwt.go
+++ b/account/jwt.go
@@ -121,3 +121,26 @@ func SetAuthCookie(jc jape.Context, jwt string, apiName string) {
 })
 }
 }
+
+func ClearAuthCookie(jc jape.Context, apiName string) {
+ for name, api := range apiRegistry.GetAllAPIs() {
+ routeableApi, ok := api.(router.RoutableAPI)
+ if !ok {
+ continue
+ }
+
+ if len(apiName) > 0 && apiName != name {
+ continue
+ }
+
+ http.SetCookie(jc.ResponseWriter, &http.Cookie{
+ Name: routeableApi.AuthTokenName(),
+ Value: "",
+ Expires: time.Now().Add(-1 * time.Hour),
+ Secure: true,
+ HttpOnly: true,
+ Path: "/",
+ Domain: routeableApi.Domain(),
+ })
+ }
+}
diff --git a/api/account/account.go b/api/account/account.go
index aaf9ab5..2d8290f 100644
--- a/api/account/account.go
+++ b/api/account/account.go
@@ -304,6 +304,10 @@ func (a AccountAPI) accountInfo(jc jape.Context) {
 }
+func (a AccountAPI) logout(c jape.Context) {
+ account.ClearAuthCookie(c, "")
+}
+
 func (a *AccountAPI) Routes() (*httprouter.Router, error) {
 loginAuthMw2fa := authMiddleware(middleware.AuthMiddlewareOptions{
 Identity: a.identity,
@@ -375,6 +379,7 @@ func (a *AccountAPI) Routes() (*httprouter.Router, error) {
 "POST /api/auth/otp/disable": middleware.ApplyMiddlewares(a.otpDisable, authMw, middleware.ProxyMiddleware),
 "POST /api/auth/password-reset/request": middleware.ApplyMiddlewares(a.passwordResetRequest, middleware.ProxyMiddleware),
 "POST /api/auth/password-reset/confirm": middleware.ApplyMiddlewares(a.passwordResetConfirm, middleware.ProxyMiddleware),
+ "POST /api/auth/logout": middleware.ApplyMiddlewares(a.logout, authMw, middleware.ProxyMiddleware),
 "GET /*path": getHandler,
 }
diff --git a/api/account/swagger.yaml b/api/account/swagger.yaml
index 3e9f96e..92270cf 100644
--- a/api/account/swagger.yaml
+++ b/api/account/swagger.yaml
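Review bot: The expiring cookie written in ClearAuthCookie only replaces the browser's existing auth cookie when Name, Domain and Path match what SetAuthCookie set, and SetAuthCookie's body lies outside this hunk — confirm it uses the same `Path: "/"` and `routeableApi.Domain()`, since a cookie stored under a narrower path or as host-only would survive this call. Add `MaxAge: -1,` next to `Expires`: it is Go's canonical deletion attribute and is honoured regardless of client clock skew. Logout here is purely client-side — the JWT itself remains valid until its expiry, so a token copied out of the cookie (or one accepted from an Authorization header, if the middleware allows that) still authenticates afterwards; the exported function should say so, e.g. `// ClearAuthCookie expires the auth cookie of every registered API (or only apiName, if non-empty); it does not revoke the JWT, which stays valid until it expires.`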
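Review bot: `/api/auth/logout` is registered behind `authMw`, so a browser whose cookie holds an expired or otherwise rejected token gets a 401 from the middleware and its stale cookie is never cleared; expiring a cookie is harmless for an unauthenticated caller, so consider `"POST /api/auth/logout": middleware.ApplyMiddlewares(a.logout, middleware.ProxyMiddleware),` or at least document the trade-off. The handler passes an empty apiName, which per the loop in ClearAuthCookie clears the cookie of every registered API rather than just this one — a brief comment would make that deliberate, e.g. `// logout expires the auth cookies of all registered APIs; the JWT itself is not revoked.` Whether the middleware reads the token from the cookie only or also from a header is not visible here.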
@@ -22,6 +22,12 @@ paths:
 $ref: '#/components/schemas/LoginResponse'
 '401':
 description: Unauthorized
+ /api/auth/logout:
+ post:
+ summary: Logout of account service
+ responses:
+ '200':
+ description: Successfully logged out
 /api/auth/register:
 post:
 summary: Register a new account
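Review bot: The new `/api/auth/logout` entry lists only a 200, but the route in account.go is registered behind `authMw`, so unauthenticated or expired-token calls answer 401 like the login entry above it; add `'401': description: Unauthorized` under `responses`. It would also help clients to note in the summary that the call clears the auth cookie rather than revoking the token.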