diff --git a/app/Http/Controllers/API/AuthController.php b/app/Http/Controllers/API/AuthController.php
index 02292a46..73bd56b1 100644
--- a/app/Http/Controllers/API/AuthController.php
+++ b/app/Http/Controllers/API/AuthController.php
@@ -38,6 +38,7 @@ public function __construct()
 'resetPassword',
 'loginBranding',
 'authGate',
+ 'logout',
 ]
 ]
 );
@@ -190,11 +191,15 @@ public function logout(Request $request)
 {
 $deleteToken = Cookie::forget('token', '/', $request->getHost());
 $deleteCurrentUser = Cookie::forget('currentUser', '/', $request->getHost());
- auth('api')->logout();
+ try {
+ auth('api')->logout();
+ } catch (\Throwable $e) {}
 return response()->json(['message' => 'User successfully signed out'])
 ->withCookie($deleteToken)
- ->withCookie($deleteCurrentUser);
+ ->withCookie($deleteCurrentUser)
+ ->withoutCookie('token')
+ ->withoutCookie('currentUser');
 }
 /**
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index 3e4a478e..ed397c0a 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -20,6 +20,7 @@ class Kernel extends HttpKernel
 Middleware\TrustProxies::class,
 Middleware\EncryptCookies::class,
 Middleware\CookieJWTAuthenticator::class,
+ Middleware\ClearTokenOnUnauthorized::class,
 ];
 protected $middlewareGroups = [
diff --git a/app/Http/Middleware/ClearTokenOnUnauthorized.php b/app/Http/Middleware/ClearTokenOnUnauthorized.php
new file mode 100644
index 00000000..4f826433
--- /dev/null
+++ b/app/Http/Middleware/ClearTokenOnUnauthorized.php
@@ -0,0 +1,33 @@
+getStatusCode() === 401) {
+ // Clear token
+ try {
+ auth('api')->logout();
+ } catch (\Throwable $e) {}
+
+ return $response->withoutCookie('token')
+ ->withoutCookie('currentUser');
+ }
+
+ return $response;
+ }
+}
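Review bot: Adding `'logout'` to the unauthenticated exception list lets a client with an expired or invalid cookie still reach the endpoint and have its state cleared, but it also makes logout callable by anyone, including cross-site, unless the route is POST-only and covered by the same CSRF/Origin checks as the other exempted actions (not visible in this hunk). That property is worth confirming before merge, and the reason for the exemption should be recorded on the entry, e.g. `'logout', // unauthenticated so expired/invalid cookies can still be cleared`. The middleware call this list belongs to begins before the hunk.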
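Review bot: `catch (\Throwable $e) {}` in logout() hides every failure of `auth('api')->logout()`, including the case where a valid token could not be invalidated server-side, yet the response still reports 'User successfully signed out' and only the cookies are dropped. The swallow is understandable for the no-token case the route now admits, but the exception should at least be recorded, `} catch (\Throwable $e) { report($e); }`, and preferably narrowed to the exception type the JWT guard throws when no token is present so that storage or blacklist errors still surface. The response also clears each cookie twice, once via `Cookie::forget(..., '/', $request->getHost())` and once via `withoutCookie()` with default path and domain; if the login cookies carry the host as their domain only the first form is guaranteed to match, so a one-line comment stating why both variants are sent would help the next reader.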
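Review bot: The 401 branch clears the cookies with `withoutCookie('token')` and `withoutCookie('currentUser')` using default path and domain, while logout() in AuthController deletes them with `Cookie::forget('token', '/', $request->getHost())`; if the login cookies were issued with that explicit domain, a deletion cookie with different attributes will not remove them and the browser keeps replaying the rejected token. Passing the same path and domain keeps both paths consistent: `return $response->withoutCookie('token', '/', $request->getHost())` / `->withoutCookie('currentUser', '/', $request->getHost());` (this assumes `$request` is the handle() parameter, which lies outside the visible part of the hunk). The `catch (\Throwable $e) {}` around `auth('api')->logout()` deserves the same `report($e)` treatment as the controller, since on a 401 the guard will most likely throw and the silence makes the branch unobservable. Because this middleware sits in the global stack, any 401 from any route now logs the browser out, which should be stated in a class docblock so nobody later adds a 401-returning endpoint unaware of the side effect. The class header and the start of handle() are outside the hunk; the first visible line is a fragment.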