diff --git a/packages/api/src/controllers/auth.js b/packages/api/src/controllers/auth.js
index 52bdbbb55..47bc5b00c 100644
--- a/packages/api/src/controllers/auth.js
+++ b/packages/api/src/controllers/auth.js
@@ -21,7 +21,13 @@ const {
 } = require('../utility/cloudIntf');
 const socket = require('../utility/socket');
 const { sendToAuditLog } = require('../utility/auditlog');
-const { isLoginLicensed, LOGIN_LIMIT_ERROR } = require('../utility/loginchecker');
+const {
+ isLoginLicensed,
+ LOGIN_LIMIT_ERROR,
+ markTokenAsLoggedIn,
+ markUserAsActive,
+ markLoginAsLoggedOut,
+} = require('../utility/loginchecker');
 
 const logger = getLogger('auth');
 
@@ -79,7 +85,7 @@ function authMiddleware(req, res, next) {
 try {
 const decoded = jwt.verify(token, getTokenSecret());
 req.user = decoded;
- storage.markUserAsActive(decoded.licenseUid);
+ markUserAsActive(decoded.licenseUid, token);
 return next();
 } catch (err) {
@@ -124,19 +130,23 @@ module.exports = {
 message: 'Administration login successful',
 });
 
+ const licenseUid = `superadmin`;
+ const accessToken = jwt.sign(
+ {
+ login: 'superadmin',
+ permissions: await storage.loadSuperadminPermissions(),
+ roleId: -3,
+ licenseUid,
+ },
+ getTokenSecret(),
+ {
+ expiresIn: getTokenLifetime(),
+ }
+ );
+ markTokenAsLoggedIn(licenseUid, accessToken);
+
 return {
- accessToken: jwt.sign(
- {
- login: 'superadmin',
- permissions: await storage.loadSuperadminPermissions(),
- roleId: -3,
- licenseUid: `superadmin`,
- },
- getTokenSecret(),
- {
- expiresIn: getTokenLifetime(),
- }
- ),
+ accessToken,
 };
 }
 
@@ -192,5 +202,17 @@ module.exports = {
 return tokenHolder;
 },
 
+ logoutAdmin_meta: true,
+ async logoutAdmin() {
+ await markLoginAsLoggedOut('superadmin');
+ return true;
+ },
+
+ logoutUser_meta: true,
+ async logoutUser({}, req) {
+ await markLoginAsLoggedOut(req?.user?.licenseUid);
+ return true;
+ },
+
 authMiddleware,
 };
diff --git a/packages/web/src/clientAuth.ts b/packages/web/src/clientAuth.ts
index 7d1af7bb0..50dd09c33 100644
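Review bot: After `jwt.verify` succeeds, the middleware still sets `req.user = decoded` and reaches `return next()` without any check that this token is still logged in, so the server-side logout this commit adds (`markLoginAsLoggedOut`) does not by itself stop a logged-out but unexpired token from being accepted — unless `markUserAsActive(decoded.licenseUid, token)` throws for such a token, which this hunk cannot show. If that rejection lives inside loginchecker, a one-line comment on the call saying so would spare the next reader the same question; if it does not, a guard that rejects tokens loginchecker no longer considers logged in belongs before `return next()`. Passing the raw bearer token into loginchecker also means the token is now retained outside the request; if it is persisted there, storing a hash of it rather than the token itself keeps a leak of that store from yielding usable credentials. authMiddleware starts and ends outside this hunk.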
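Review bot: `markTokenAsLoggedIn(licenseUid, accessToken)` is called without `await`, while the new `logoutAdmin`/`logoutUser` methods do `await markLoginAsLoggedOut(...)`; if loginchecker's functions are async (their definitions are not on this page), the login record may not be persisted before the token is handed out, and any rejection becomes an unhandled promise. The same applies to `markUserAsActive(decoded.licenseUid, token)` in the authMiddleware hunk above. If these two are synchronous, a short comment on the call would settle it; otherwise `await markTokenAsLoggedIn(licenseUid, accessToken);` (the enclosing method is already async). The enclosing login method starts outside this hunk.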
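Review bot: `logoutUser` calls `markLoginAsLoggedOut(req?.user?.licenseUid)` and returns `true` even when `req.user` is absent, so a request that never passed authentication produces a call with `undefined` and still reports success; guard it with `const licenseUid = req?.user?.licenseUid; if (!licenseUid) return false;` before the `await`. `logoutAdmin` ends the `'superadmin'` login without looking at the caller at all; unless the `_meta` route wiring restricts this endpoint to the superadmin (not visible here), any caller could invalidate the administrator's session, so consider `async logoutAdmin({}, req)` with a check that `req?.user?.login === 'superadmin'` (the claim the admin-login hunk above puts into the token) before calling `markLoginAsLoggedOut`. Both methods key the logout on `licenseUid` rather than on the presented token, so every session sharing that licenseUid is ended; if that is intended, a comment stating it would help.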
--- a/packages/web/src/clientAuth.ts
+++ b/packages/web/src/clientAuth.ts
@@ -311,9 +311,11 @@ export async function doLogout() {
 const category = getAuthCategory(config);
 if (category == 'admin') {
+ await apiCall('auth/logout-admin');
 localStorage.removeItem('adminAccessToken');
 internalRedirectTo('/admin-login.html?is-admin=true');
 } else if (category == 'token') {
+ await apiCall('auth/logout-user');
 localStorage.removeItem('accessToken');
 if (config.logoutUrl) {
 window.location.href = config.logoutUrl;
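Review bot: `await apiCall('auth/logout-admin')` and `await apiCall('auth/logout-user')` run before the local token is removed, so if the call rejects (network error, expired or already-invalidated token) `doLogout` throws and `localStorage.removeItem(...)` and the redirect never run, leaving the user unable to log out locally. From the client's side the server-side call is best-effort; wrap each call in `try`/`catch` so local cleanup always happens, logging the failure rather than swallowing it. doLogout continues outside this hunk.
```typescript
if (category == 'admin') {
  try {
    await apiCall('auth/logout-admin');
  } catch (err) {
    // server-side logout is best-effort; local cleanup must still run
    console.warn('auth/logout-admin failed', err);
  }
  // … unchanged: remove adminAccessToken and redirect …
} else if (category == 'token') {
  try {
    await apiCall('auth/logout-user');
  } catch (err) {
    console.warn('auth/logout-user failed', err);
  }
  // … unchanged: remove accessToken and redirect …
```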