When using header authentication in Graylog, logouts are not possible. The page merely reloads and the user is logged back in.
I’ve noticed the user merely gets directed to /. There is no specific logout url. I can see there is a DELETE call to /api/system/sessions/X.
I am curious if anybody else has solved this issue or found a workaround for it? Including a configuration option linked to trusted headers like logout_redirect_url (which would redirect the user to a logout page after clicking logout) would be useful.