diff --git a/foursight_core/app_utils.py b/foursight_core/app_utils.py
index 2a45732..a443464 100644
--- a/foursight_core/app_utils.py
+++ b/foursight_core/app_utils.py
@@ -73,7 +73,14 @@ if CHALICE_LOCAL:
     ROUTE_PREFIX = "/api/"
     ROUTE_EMPTY_PREFIX = "/api"
     ROUTE_PREFIX_EXPLICIT = "/api/"
-    CORS = True
+    from chalice import CORSConfig
+    CORS = CORSConfig(
+        allow_origin="*",
+        allow_headers=['X-Special-Header','Cookies','Cookie'],
+        expose_headers=['X-Special-Header','Cookies','Cookie','Set-Cookie'],
+        allow_credentials=True
+    )
+    CORS=True
 else:
     print("XYZZY:foursight_core:NOT_CHALICE_LOCAL!!!")
     ROUTE_PREFIX = "/"
@@ -339,6 +346,35 @@ class AppUtilsCore(ReactApi):
     def get_default_env(self) -> str:
         return os.environ.get("ENV_NAME", DEFAULT_ENV)
 
+    def create_set_cookie_string(self, request, name: str, value: str, domain: str, path: str = "/", expires = None, http_only: bool = False) -> str:
+        if not name or not request:
+            return ""
+        if not isinstance(request, dict):
+            request = request.to_dict()
+        cookie = name + "=" + (value if value else "") + ";"
+        if domain and not self.is_running_locally(request):
+            # N.B. When running on localhost cookies cannot be set unless we leave off the domain entirely.
+            # https://stackoverflow.com/questions/1134290/cookies-on-localhost-with-explicit-domain
+            cookie += f" Domain={domain};"
+        if not path:
+            path = "/";
+        cookie += f" Path={path};"
+        if expires:
+            if isinstance(expires, datetime.datetime):
+                expires = expires.strftime("%a, %d %b %Y %H:%M:%S GMT")
+            elif isinstance(expires, int):
+                expires = datetime.datetime.utcnow() + datetime.timedelta(seconds=expires)
+            elif isinstance(expires, str):
+                if expires.lower() == "now":
+                    expires = "Expires=Thu, 01 Jan 1970 00:00:00 UTC"
+            else:
+                expires = None
+            if expires:
+                cookie += f" Expires={expires};"
+        if http_only:
+            cookie += f" HttpOnly;"
+        return cookie
+
     def check_authorization(self, request_dict, env=None):
         """
         Manual authorization, since the builtin chalice @app.authorizer() was not
@@ -520,29 +556,35 @@ class AppUtilsCore(ReactApi):
             # N.B. When running on localhost cookies cannot be set unless we leave off the domain entirely.
             # https://stackoverflow.com/questions/1134290/cookies-on-localhost-with-explicit-domain
             #
-            if not self.is_running_locally(req_dict):
-                cookie_str = ''.join(['jwtToken=', id_token, '; Domain=', domain, '; Path=/;'])
-            else:
-                cookie_str = ''.join(['jwtToken=', id_token, '; Path=/;'])
-            if not self.is_running_locally(req_dict):
-                authtoken_cookie = ''.join(['authToken=', authtoken, '; Domain=', domain, '; Path=/; HttpOnly;'])
-            else:
-                authtoken_cookie = ''.join(['authToken=', authtoken, '; Path=/; HttpOnly;'])
-            print("xyzzy:auth0_callback:authtoken_cookie:")
-            print(authtoken_cookie)
-            #authenvs_cookie = ''.join(['authEnvs=', json.dumps(authenvs), '; Domain=', domain, '; Path=/;'])
-            if not self.is_running_locally(req_dict):
-                authenvs_cookie = ''.join(['authEnvs=', base64.b64encode(bytes(json.dumps(authenvs), "utf-8")).decode('utf-8'), '; Domain=', domain, '; Path=/;'])
-            else:
-                authenvs_cookie = ''.join(['authEnvs=', base64.b64encode(bytes(json.dumps(authenvs), "utf-8")).decode('utf-8'), '; Path=/;'])
-            print("xyzzy:auth0_callback:authenvs_cookie:")
-            print(authenvs_cookie)
+
+#           if not self.is_running_locally(req_dict):
+#               cookie_str = ''.join(['jwtToken=', id_token, '; Domain=', domain, '; Path=/;'])
+#           else:
+#               cookie_str = ''.join(['jwtToken=', id_token, '; Path=/;'])
+#           if not self.is_running_locally(req_dict):
+#               authtoken_cookie = ''.join(['authToken=', authtoken, '; Domain=', domain, '; Path=/; HttpOnly;'])
+#           else:
+#               authtoken_cookie = ''.join(['authToken=', authtoken, '; Path=/; HttpOnly;'])
+#           print("xyzzy:auth0_callback:authtoken_cookie:")
+#           print(authtoken_cookie)
+#           #authenvs_cookie = ''.join(['authEnvs=', json.dumps(authenvs), '; Domain=', domain, '; Path=/;'])
+#           if not self.is_running_locally(req_dict):
+#               authenvs_cookie = ''.join(['authEnvs=', base64.b64encode(bytes(json.dumps(authenvs), "utf-8")).decode('utf-8'), '; Domain=', domain, '; Path=/;'])
+#           else:
+#               authenvs_cookie = ''.join(['authEnvs=', base64.b64encode(bytes(json.dumps(authenvs), "utf-8")).decode('utf-8'), '; Path=/;'])
+#           print("xyzzy:auth0_callback:authenvs_cookie:")
+#           print(authenvs_cookie)
             expires_in = res.json().get('expires_in', None)
-            if expires_in:
-                expires = datetime.datetime.utcnow() + datetime.timedelta(seconds=expires_in)
-                cookie_str += (' Expires=' + expires.strftime("%a, %d %b %Y %H:%M:%S GMT") + ';')
-                authtoken_cookie += (' Expires=' + expires.strftime("%a, %d %b %Y %H:%M:%S GMT") + ';')
-                authenvs_cookie += (' Expires=' + expires.strftime("%a, %d %b %Y %H:%M:%S GMT") + ';')
+#           if expires_in:
+#               expires = datetime.datetime.utcnow() + datetime.timedelta(seconds=expires_in)
+#               cookie_str += (' Expires=' + expires.strftime("%a, %d %b %Y %H:%M:%S GMT") + ';')
+#               authtoken_cookie += (' Expires=' + expires.strftime("%a, %d %b %Y %H:%M:%S GMT") + ';')
+#               authenvs_cookie += (' Expires=' + expires.strftime("%a, %d %b %Y %H:%M:%S GMT") + ';')
+
+            authtoken_cookie = self.create_set_cookie_string(request, name="authToken", value=authtoken, domain=domain, expires=expires_in, http_only=True)
+            authenvs_cookie = self.create_set_cookie_string(request, name="authEnvs", value=self.encryption.encode(authenvs), domain=domain, expires=expires_in)
+            cookie_str = self.create_set_cookie_string(request, name="jwtToken", value=id_token, domain=domain, expires=expires_in)
+
             resp_headers['set-cookie'] = authtoken_cookie
             resp_headers['SET-COOKIE'] = authenvs_cookie
             resp_headers['Set-Cookie'] = cookie_str # sic: different casing of this to allow multiple cookies (chalice/lambda restriction)
@@ -2422,17 +2464,13 @@ def reactapi_route_lambdas(environ: str):
     return AppUtilsCore.singleton().react_route_lambdas(request=app.current_request, env=environ)
 
 
-# TODO: NEVERMIND. Take this out. It is hardcoded at Auth0 for /api/callback.
-@app.route(ROUTE_PREFIX + 'reactapi/callback', cors=CORS)
-def reactapi_route_auth0_callback():
-    """
-    Special callback route, only to be used as a callback from auth0
-    Will return a redirect to view on error/any missing callback info.
-    """
-    print('xyzzy:react_route_auth0_callback')
-    request = app.current_request
-    default_env = os.environ.get("ENV_NAME", DEFAULT_ENV)
-    return AppUtilsCore.singleton().auth0_callback(request, default_env, react=True)
+@app.route(ROUTE_PREFIX + 'reactapi/{environ}/logout', methods=['GET'], cors=CORS)
+def reactapi_route_get_logout(environ):
+    #
+    # The environ on strictly required for logout (as we logout from all envs) but useful for redirect back.
+    #
+    print(f"XYZZY:/reactapi/logout")
+    return AppUtilsCore.singleton().react_route_logout(request=app.current_request, environ=environ)
 
 
 class AppUtils(AppUtilsCore):  # for compatibility with older imports
diff --git a/foursight_core/encryption.py b/foursight_core/encryption.py
index 1c02ed7..0a6ca7b 100644
--- a/foursight_core/encryption.py
+++ b/foursight_core/encryption.py
@@ -1,5 +1,6 @@
 import os
 import base64
+import json
 import uuid
 from pyDes import triple_des
 
@@ -67,11 +68,15 @@ class Encryption:
             print(e)
             return ""
 
-    def encode(self, s: str) -> str:
-        return self.encode_to_bytes(s).decode("utf-8")
+    def encode(self, value) -> str:
+        if not value:
+            return ""
+        if isinstance(value, dict) or isinstance(value, list):
+            value = json.dumps(value)
+        return self.encode_to_bytes(value).decode("utf-8")
 
-    def decode(self, s: str) -> str:
-        return self.decode_to_bytes(s).decode("utf-8")
+    def decode(self, value: str) -> str:
+        return self.decode_to_bytes(value).decode("utf-8")
 
     def encode_to_bytes(self, string_or_bytes) -> bytes:
         if isinstance(string_or_bytes, str):
diff --git a/foursight_core/react_api.py b/foursight_core/react_api.py
index 9ff8245..c42753d 100644
--- a/foursight_core/react_api.py
+++ b/foursight_core/react_api.py
@@ -81,7 +81,13 @@ class ReactApi:
     def read_cookies(self, request: dict) -> dict:
         if not request:
             return {}
+        print('xyzzy:foobar')
+        print(request)
         cookies = request.get("headers", {}).get("cookie")
+        if not cookies:
+            return {}
+        print('xyzzy:goobar')
+        print(cookies)
         simple_cookies = SimpleCookie()
         simple_cookies.load(cookies)
         return {key: value.value for key, value in simple_cookies.items()}
@@ -105,6 +111,8 @@ class ReactApi:
             print('xyzzy:ReactApi.authorize:authorization_token')
             print(authorization_token)
             print(request_dict)
+            if not authorization_token:
+                return False
             authorization_token_decrypted = self.encryption.decrypt(authorization_token)
             print('xyzzy:ReactApi.authorize:authorization_token_decrypted')
             print(authorization_token_decrypted)
@@ -377,8 +385,11 @@ class ReactApi:
         print(short_env_name(env_a))
         print(public_env_name(env_a))
         print(infer_foursight_from_env(envname=env_a))
+        print('xyzzy:get_users calling authorize!!!!!!')
         if not self.authorize(request.to_dict(), environ):
+            print('xyzzy:get_users forbidden!!!!!!')
             return self.forbidden_response()
+        print('xyzzy:get_users after authorize!!!!!!')
         request_dict = request.to_dict()
         stage_name = self.stage.get_stage()
         users = []
@@ -872,3 +883,28 @@ class ReactApi:
         queued_uuid = self.queue_check(env, check, params)
         response.body = {"check": check, "env": env, "uuid": queued_uuid}
         return self.process_response(response)
+
+    def react_route_logout(self, request, environ) -> dict:
+        #
+        # N.B. When running on localhost cookies cannot be set unless we leave off the domain entirely.
+        # https://stackoverflow.com/questions/1134290/cookies-on-localhost-with-explicit-domain
+        #
+        print('xyzzy:react_route_logout')
+        request_dict = request.to_dict()
+        domain, context = self.get_domain_and_context(request_dict)
+        redirect_url = self.read_cookie("reactredir", request_dict)
+        if not redirect_url:
+            redirect_url = "".join(["https://" if not self.is_running_locally(request_dict) else "http://", domain, context, f"react/{environ}/login"])
+        authtoken_cookie = self.create_set_cookie_string(request_dict, "authToken", "", domain, "/", "now")
+        authtokenset_cookie = self.create_set_cookie_string(request_dict, "authTokenSet", "", domain, "/", "now")
+        print('xyzzy:react_route_logout:info')
+        print(authtoken_cookie)
+        print(authtokenset_cookie)
+        print(redirect_url)
+        headers = {
+            "Location": redirect_url,
+            "Set-Cookie": authtoken_cookie,
+            "Set-Cookie": authtokenset_cookie
+        }
+        print(headers)
+        return Response(status_code=302, body=json.dumps(headers), headers=headers)
diff --git a/poetry.lock b/poetry.lock
index 0fc2bce..12adaa5 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -115,6 +115,17 @@ category = "main"
 optional = false
 python-versions = ">=3.6"
 
+[[package]]
+name = "cffi"
+version = "1.15.1"
+description = "Foreign Function Interface for Python calling C code."
+category = "main"
+optional = false
+python-versions = "*"
+
+[package.dependencies]
+pycparser = "*"
+
 [[package]]
 name = "chalice"
 version = "1.27.3"
@@ -184,6 +195,25 @@ category = "main"
 optional = false
 python-versions = "*"
 
+[[package]]
+name = "cryptography"
+version = "38.0.1"
+description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers."
+category = "main"
+optional = false
+python-versions = ">=3.6"
+
+[package.dependencies]
+cffi = ">=1.12"
+
+[package.extras]
+docs = ["sphinx (>=1.6.5,!=1.8.0,!=3.1.0,!=3.1.1)", "sphinx-rtd-theme"]
+docstest = ["pyenchant (>=1.6.11)", "twine (>=1.12.0)", "sphinxcontrib-spelling (>=4.0.1)"]
+pep8test = ["black", "flake8", "flake8-import-order", "pep8-naming"]
+sdist = ["setuptools-rust (>=0.11.4)"]
+ssh = ["bcrypt (>=3.1.5)"]
+test = ["pytest (>=6.2.0)", "pytest-benchmark", "pytest-cov", "pytest-subtests", "pytest-xdist", "pretend", "iso8601", "pytz", "hypothesis (>=1.11.4,!=3.79.2)"]
+
 [[package]]
 name = "dcicutils"
 version = "4.7.0"
@@ -589,6 +619,14 @@ category = "dev"
 optional = false
 python-versions = ">=3.6"
 
+[[package]]
+name = "pycparser"
+version = "2.21"
+description = "C parser in Python"
+category = "main"
+optional = false
+python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*"
+
 [[package]]
 name = "pydes"
 version = "2.0.1"
@@ -901,9 +939,9 @@ optional = false
 python-versions = ">=3.7"
 
 [package.extras]
-docs = ["Sphinx (>=3.4)", "sphinx-rtd-theme (>=0.5)"]
-optional = ["python-socks", "wsaccel"]
 test = ["websockets"]
+optional = ["wsaccel", "python-socks"]
+docs = ["sphinx-rtd-theme (>=0.5)", "Sphinx (>=3.4)"]
 
 [[package]]
 name = "webtest"
@@ -938,7 +976,7 @@ testing = ["pytest (>=6)", "pytest-checkdocs (>=2.4)", "pytest-flake8", "pytest-
 [metadata]
 lock-version = "1.1"
 python-versions = ">=3.7,<3.9"
-content-hash = "a642a2a861c3433d64bdf8eab44d6b3b2ae674cf079d044b0a2bfa7c5177a16c"
+content-hash = "25fee4a9fb88ffcfa9550062e6ddba1506fe533a3945e99804d51db35c9d0a9c"
 
 [metadata.files]
 ansicon = [
@@ -980,6 +1018,72 @@ certifi = [
     {file = "certifi-2022.6.15-py3-none-any.whl", hash = "sha256:fe86415d55e84719d75f8b69414f6438ac3547d2078ab91b67e779ef69378412"},
     {file = "certifi-2022.6.15.tar.gz", hash = "sha256:84c85a9078b11105f04f3036a9482ae10e4621616db313fe045dd24743a0820d"},
 ]
+cffi = [
+    {file = "cffi-1.15.1-cp27-cp27m-macosx_10_9_x86_64.whl", hash = "sha256:a66d3508133af6e8548451b25058d5812812ec3798c886bf38ed24a98216fab2"},
+    {file = "cffi-1.15.1-cp27-cp27m-manylinux1_i686.whl", hash = "sha256:470c103ae716238bbe698d67ad020e1db9d9dba34fa5a899b5e21577e6d52ed2"},
+    {file = "cffi-1.15.1-cp27-cp27m-manylinux1_x86_64.whl", hash = "sha256:9ad5db27f9cabae298d151c85cf2bad1d359a1b9c686a275df03385758e2f914"},
+    {file = "cffi-1.15.1-cp27-cp27m-win32.whl", hash = "sha256:b3bbeb01c2b273cca1e1e0c5df57f12dce9a4dd331b4fa1635b8bec26350bde3"},
+    {file = "cffi-1.15.1-cp27-cp27m-win_amd64.whl", hash = "sha256:e00b098126fd45523dd056d2efba6c5a63b71ffe9f2bbe1a4fe1716e1d0c331e"},
+    {file = "cffi-1.15.1-cp27-cp27mu-manylinux1_i686.whl", hash = "sha256:d61f4695e6c866a23a21acab0509af1cdfd2c013cf256bbf5b6b5e2695827162"},
+    {file = "cffi-1.15.1-cp27-cp27mu-manylinux1_x86_64.whl", hash = "sha256:ed9cb427ba5504c1dc15ede7d516b84757c3e3d7868ccc85121d9310d27eed0b"},
+    {file = "cffi-1.15.1-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:39d39875251ca8f612b6f33e6b1195af86d1b3e60086068be9cc053aa4376e21"},
+    {file = "cffi-1.15.1-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:285d29981935eb726a4399badae8f0ffdff4f5050eaa6d0cfc3f64b857b77185"},
+    {file = "cffi-1.15.1-cp310-cp310-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:3eb6971dcff08619f8d91607cfc726518b6fa2a9eba42856be181c6d0d9515fd"},
+    {file = "cffi-1.15.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:21157295583fe8943475029ed5abdcf71eb3911894724e360acff1d61c1d54bc"},
+    {file = "cffi-1.15.1-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:5635bd9cb9731e6d4a1132a498dd34f764034a8ce60cef4f5319c0541159392f"},
+    {file = "cffi-1.15.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:2012c72d854c2d03e45d06ae57f40d78e5770d252f195b93f581acf3ba44496e"},
+    {file = "cffi-1.15.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:dd86c085fae2efd48ac91dd7ccffcfc0571387fe1193d33b6394db7ef31fe2a4"},
+    {file = "cffi-1.15.1-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:fa6693661a4c91757f4412306191b6dc88c1703f780c8234035eac011922bc01"},
+    {file = "cffi-1.15.1-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:59c0b02d0a6c384d453fece7566d1c7e6b7bae4fc5874ef2ef46d56776d61c9e"},
+    {file = "cffi-1.15.1-cp310-cp310-win32.whl", hash = "sha256:cba9d6b9a7d64d4bd46167096fc9d2f835e25d7e4c121fb2ddfc6528fb0413b2"},
+    {file = "cffi-1.15.1-cp310-cp310-win_amd64.whl", hash = "sha256:ce4bcc037df4fc5e3d184794f27bdaab018943698f4ca31630bc7f84a7b69c6d"},
+    {file = "cffi-1.15.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:3d08afd128ddaa624a48cf2b859afef385b720bb4b43df214f85616922e6a5ac"},
+    {file = "cffi-1.15.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:3799aecf2e17cf585d977b780ce79ff0dc9b78d799fc694221ce814c2c19db83"},
+    {file = "cffi-1.15.1-cp311-cp311-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:a591fe9e525846e4d154205572a029f653ada1a78b93697f3b5a8f1f2bc055b9"},
+    {file = "cffi-1.15.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:3548db281cd7d2561c9ad9984681c95f7b0e38881201e157833a2342c30d5e8c"},
+    {file = "cffi-1.15.1-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:91fc98adde3d7881af9b59ed0294046f3806221863722ba7d8d120c575314325"},
+    {file = "cffi-1.15.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:94411f22c3985acaec6f83c6df553f2dbe17b698cc7f8ae751ff2237d96b9e3c"},
+    {file = "cffi-1.15.1-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef"},
+    {file = "cffi-1.15.1-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:cc4d65aeeaa04136a12677d3dd0b1c0c94dc43abac5860ab33cceb42b801c1e8"},
+    {file = "cffi-1.15.1-cp311-cp311-win32.whl", hash = "sha256:a0f100c8912c114ff53e1202d0078b425bee3649ae34d7b070e9697f93c5d52d"},
+    {file = "cffi-1.15.1-cp311-cp311-win_amd64.whl", hash = "sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104"},
+    {file = "cffi-1.15.1-cp36-cp36m-macosx_10_9_x86_64.whl", hash = "sha256:50a74364d85fd319352182ef59c5c790484a336f6db772c1a9231f1c3ed0cbd7"},
+    {file = "cffi-1.15.1-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e263d77ee3dd201c3a142934a086a4450861778baaeeb45db4591ef65550b0a6"},
+    {file = "cffi-1.15.1-cp36-cp36m-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:cec7d9412a9102bdc577382c3929b337320c4c4c4849f2c5cdd14d7368c5562d"},
+    {file = "cffi-1.15.1-cp36-cp36m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:4289fc34b2f5316fbb762d75362931e351941fa95fa18789191b33fc4cf9504a"},
+    {file = "cffi-1.15.1-cp36-cp36m-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:173379135477dc8cac4bc58f45db08ab45d228b3363adb7af79436135d028405"},
+    {file = "cffi-1.15.1-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:6975a3fac6bc83c4a65c9f9fcab9e47019a11d3d2cf7f3c0d03431bf145a941e"},
+    {file = "cffi-1.15.1-cp36-cp36m-win32.whl", hash = "sha256:2470043b93ff09bf8fb1d46d1cb756ce6132c54826661a32d4e4d132e1977adf"},
+    {file = "cffi-1.15.1-cp36-cp36m-win_amd64.whl", hash = "sha256:30d78fbc8ebf9c92c9b7823ee18eb92f2e6ef79b45ac84db507f52fbe3ec4497"},
+    {file = "cffi-1.15.1-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:198caafb44239b60e252492445da556afafc7d1e3ab7a1fb3f0584ef6d742375"},
+    {file = "cffi-1.15.1-cp37-cp37m-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:5ef34d190326c3b1f822a5b7a45f6c4535e2f47ed06fec77d3d799c450b2651e"},
+    {file = "cffi-1.15.1-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8102eaf27e1e448db915d08afa8b41d6c7ca7a04b7d73af6514df10a3e74bd82"},
+    {file = "cffi-1.15.1-cp37-cp37m-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:5df2768244d19ab7f60546d0c7c63ce1581f7af8b5de3eb3004b9b6fc8a9f84b"},
+    {file = "cffi-1.15.1-cp37-cp37m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a8c4917bd7ad33e8eb21e9a5bbba979b49d9a97acb3a803092cbc1133e20343c"},
+    {file = "cffi-1.15.1-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:0e2642fe3142e4cc4af0799748233ad6da94c62a8bec3a6648bf8ee68b1c7426"},
+    {file = "cffi-1.15.1-cp37-cp37m-win32.whl", hash = "sha256:e229a521186c75c8ad9490854fd8bbdd9a0c9aa3a524326b55be83b54d4e0ad9"},
+    {file = "cffi-1.15.1-cp37-cp37m-win_amd64.whl", hash = "sha256:a0b71b1b8fbf2b96e41c4d990244165e2c9be83d54962a9a1d118fd8657d2045"},
+    {file = "cffi-1.15.1-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:320dab6e7cb2eacdf0e658569d2575c4dad258c0fcc794f46215e1e39f90f2c3"},
+    {file = "cffi-1.15.1-cp38-cp38-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:1e74c6b51a9ed6589199c787bf5f9875612ca4a8a0785fb2d4a84429badaf22a"},
+    {file = "cffi-1.15.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a5c84c68147988265e60416b57fc83425a78058853509c1b0629c180094904a5"},
+    {file = "cffi-1.15.1-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:3b926aa83d1edb5aa5b427b4053dc420ec295a08e40911296b9eb1b6170f6cca"},
+    {file = "cffi-1.15.1-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:87c450779d0914f2861b8526e035c5e6da0a3199d8f1add1a665e1cbc6fc6d02"},
+    {file = "cffi-1.15.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4f2c9f67e9821cad2e5f480bc8d83b8742896f1242dba247911072d4fa94c192"},
+    {file = "cffi-1.15.1-cp38-cp38-win32.whl", hash = "sha256:8b7ee99e510d7b66cdb6c593f21c043c248537a32e0bedf02e01e9553a172314"},
+    {file = "cffi-1.15.1-cp38-cp38-win_amd64.whl", hash = "sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5"},
+    {file = "cffi-1.15.1-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:54a2db7b78338edd780e7ef7f9f6c442500fb0d41a5a4ea24fff1c929d5af585"},
+    {file = "cffi-1.15.1-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:fcd131dd944808b5bdb38e6f5b53013c5aa4f334c5cad0c72742f6eba4b73db0"},
+    {file = "cffi-1.15.1-cp39-cp39-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:7473e861101c9e72452f9bf8acb984947aa1661a7704553a9f6e4baa5ba64415"},
+    {file = "cffi-1.15.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:6c9a799e985904922a4d207a94eae35c78ebae90e128f0c4e521ce339396be9d"},
+    {file = "cffi-1.15.1-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:3bcde07039e586f91b45c88f8583ea7cf7a0770df3a1649627bf598332cb6984"},
+    {file = "cffi-1.15.1-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:33ab79603146aace82c2427da5ca6e58f2b3f2fb5da893ceac0c42218a40be35"},
+    {file = "cffi-1.15.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5d598b938678ebf3c67377cdd45e09d431369c3b1a5b331058c338e201f12b27"},
+    {file = "cffi-1.15.1-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:db0fbb9c62743ce59a9ff687eb5f4afbe77e5e8403d6697f7446e5f609976f76"},
+    {file = "cffi-1.15.1-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:98d85c6a2bef81588d9227dde12db8a7f47f639f4a17c9ae08e773aa9c697bf3"},
+    {file = "cffi-1.15.1-cp39-cp39-win32.whl", hash = "sha256:40f4774f5a9d4f5e344f31a32b5096977b5d48560c5592e2f3d2c4374bd543ee"},
+    {file = "cffi-1.15.1-cp39-cp39-win_amd64.whl", hash = "sha256:70df4e3b545a17496c9b3f41f5115e69a4f2e77e94e1d2a8e1070bc0c38c8a3c"},
+    {file = "cffi-1.15.1.tar.gz", hash = "sha256:d400bfb9a37b1351253cb402671cea7e89bdecc294e8016a707f6d1d8ac934f9"},
+]
 chalice = [
     {file = "chalice-1.27.3-py3-none-any.whl", hash = "sha256:f41d0eaac1edb70ce1904b234bfc6ad4af35b7321f79b998bc6a95ff5f8cb4f6"},
     {file = "chalice-1.27.3.tar.gz", hash = "sha256:58ccf0ada3727de1b93fd1d5c6e9e17d92a3e929ff37cb14cfaa6fc9e729c92e"},
@@ -1051,6 +1155,34 @@ coverage = [
 cron-descriptor = [
     {file = "cron_descriptor-1.2.31.tar.gz", hash = "sha256:8e83f08dbd76657a0b6ce1168b293bc27fa68be573ef8cb086ef0d9896340876"},
 ]
+cryptography = [
+    {file = "cryptography-38.0.1-cp36-abi3-macosx_10_10_universal2.whl", hash = "sha256:10d1f29d6292fc95acb597bacefd5b9e812099d75a6469004fd38ba5471a977f"},
+    {file = "cryptography-38.0.1-cp36-abi3-macosx_10_10_x86_64.whl", hash = "sha256:3fc26e22840b77326a764ceb5f02ca2d342305fba08f002a8c1f139540cdfaad"},
+    {file = "cryptography-38.0.1-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:3b72c360427889b40f36dc214630e688c2fe03e16c162ef0aa41da7ab1455153"},
+    {file = "cryptography-38.0.1-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:194044c6b89a2f9f169df475cc167f6157eb9151cc69af8a2a163481d45cc407"},
+    {file = "cryptography-38.0.1-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ca9f6784ea96b55ff41708b92c3f6aeaebde4c560308e5fbbd3173fbc466e94e"},
+    {file = "cryptography-38.0.1-cp36-abi3-manylinux_2_24_x86_64.whl", hash = "sha256:16fa61e7481f4b77ef53991075de29fc5bacb582a1244046d2e8b4bb72ef66d0"},
+    {file = "cryptography-38.0.1-cp36-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:d4ef6cc305394ed669d4d9eebf10d3a101059bdcf2669c366ec1d14e4fb227bd"},
+    {file = "cryptography-38.0.1-cp36-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:3261725c0ef84e7592597606f6583385fed2a5ec3909f43bc475ade9729a41d6"},
+    {file = "cryptography-38.0.1-cp36-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:0297ffc478bdd237f5ca3a7dc96fc0d315670bfa099c04dc3a4a2172008a405a"},
+    {file = "cryptography-38.0.1-cp36-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:89ed49784ba88c221756ff4d4755dbc03b3c8d2c5103f6d6b4f83a0fb1e85294"},
+    {file = "cryptography-38.0.1-cp36-abi3-win32.whl", hash = "sha256:ac7e48f7e7261207d750fa7e55eac2d45f720027d5703cd9007e9b37bbb59ac0"},
+    {file = "cryptography-38.0.1-cp36-abi3-win_amd64.whl", hash = "sha256:ad7353f6ddf285aeadfaf79e5a6829110106ff8189391704c1d8801aa0bae45a"},
+    {file = "cryptography-38.0.1-pp37-pypy37_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:896dd3a66959d3a5ddcfc140a53391f69ff1e8f25d93f0e2e7830c6de90ceb9d"},
+    {file = "cryptography-38.0.1-pp37-pypy37_pp73-manylinux_2_24_x86_64.whl", hash = "sha256:d3971e2749a723e9084dd507584e2a2761f78ad2c638aa31e80bc7a15c9db4f9"},
+    {file = "cryptography-38.0.1-pp37-pypy37_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:79473cf8a5cbc471979bd9378c9f425384980fcf2ab6534b18ed7d0d9843987d"},
+    {file = "cryptography-38.0.1-pp38-pypy38_pp73-macosx_10_10_x86_64.whl", hash = "sha256:d9e69ae01f99abe6ad646947bba8941e896cb3aa805be2597a0400e0764b5818"},
+    {file = "cryptography-38.0.1-pp38-pypy38_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5067ee7f2bce36b11d0e334abcd1ccf8c541fc0bbdaf57cdd511fdee53e879b6"},
+    {file = "cryptography-38.0.1-pp38-pypy38_pp73-manylinux_2_24_x86_64.whl", hash = "sha256:3e3a2599e640927089f932295a9a247fc40a5bdf69b0484532f530471a382750"},
+    {file = "cryptography-38.0.1-pp38-pypy38_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:c2e5856248a416767322c8668ef1845ad46ee62629266f84a8f007a317141013"},
+    {file = "cryptography-38.0.1-pp38-pypy38_pp73-win_amd64.whl", hash = "sha256:64760ba5331e3f1794d0bcaabc0d0c39e8c60bf67d09c93dc0e54189dfd7cfe5"},
+    {file = "cryptography-38.0.1-pp39-pypy39_pp73-macosx_10_10_x86_64.whl", hash = "sha256:b6c9b706316d7b5a137c35e14f4103e2115b088c412140fdbd5f87c73284df61"},
+    {file = "cryptography-38.0.1-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b0163a849b6f315bf52815e238bc2b2346604413fa7c1601eea84bcddb5fb9ac"},
+    {file = "cryptography-38.0.1-pp39-pypy39_pp73-manylinux_2_24_x86_64.whl", hash = "sha256:d1a5bd52d684e49a36582193e0b89ff267704cd4025abefb9e26803adeb3e5fb"},
+    {file = "cryptography-38.0.1-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:765fa194a0f3372d83005ab83ab35d7c5526c4e22951e46059b8ac678b44fa5a"},
+    {file = "cryptography-38.0.1-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:52e7bee800ec869b4031093875279f1ff2ed12c1e2f74923e8f49c916afd1d3b"},
+    {file = "cryptography-38.0.1.tar.gz", hash = "sha256:1db3d807a14931fa317f96435695d9ec386be7b84b618cc61cfa5d08b0ae33d7"},
+]
 dcicutils = [
     {file = "dcicutils-4.7.0-py3-none-any.whl", hash = "sha256:782589ebf363df250364ba78cd6243411f3a0195981451112a2c73bdd2dccd98"},
     {file = "dcicutils-4.7.0.tar.gz", hash = "sha256:bcbb451111674d133b0511504f8a4c2cb54afb5f5c1750084d7ed3bce19616f6"},
@@ -1266,6 +1398,10 @@ pycodestyle = [
     {file = "pycodestyle-2.9.1-py2.py3-none-any.whl", hash = "sha256:d1735fc58b418fd7c5f658d28d943854f8a849b01a5d0a1e6f3f3fdd0166804b"},
     {file = "pycodestyle-2.9.1.tar.gz", hash = "sha256:2c9607871d58c76354b697b42f5d57e1ada7d261c261efac224b664affdc5785"},
 ]
+pycparser = [
+    {file = "pycparser-2.21-py2.py3-none-any.whl", hash = "sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9"},
+    {file = "pycparser-2.21.tar.gz", hash = "sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206"},
+]
 pydes = [
     {file = "pyDes-2.0.1.tar.gz", hash = "sha256:e2ab8e21d2b83e90d90dbfdcb6fb8ac0000b813238b7ecaede04f8435c389012"},
 ]
diff --git a/pyproject.toml b/pyproject.toml
index 07652d9..3be7629 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -25,6 +25,7 @@ elasticsearch-dsl = "^6.4.0"
 gitpython = "^3.1.2"
 pyDes = "^2.0.1"
 pytz = "^2020.1"
+cryptography = "^38.0.1"
 
 [tool.poetry.dev-dependencies]
 chalice = "^1.21.4"
diff --git a/react/src/Header.js b/react/src/Header.js
index d353842..66de81a 100644
--- a/react/src/Header.js
+++ b/react/src/Header.js
@@ -147,7 +147,9 @@ const Header = (props) => {
                     { (IsLoggedIn()) ? (<span>
                             {/* &nbsp;<b>|</b>&nbsp; <span style={{cursor:"pointer",color:"#D6EAF8"}} onClick={() => {Logout(navigate);}}>LOGOUT</span> */}
                             {/* &nbsp;|&nbsp; <NavLink to={URL.Url("/logindone", true)} style={{cursor:"pointer",color:"#D6EAF8"}} onClick={() => Logout()}>LOGOUT</NavLink> */}
-                                &nbsp;|&nbsp; <NavLink to={{pathname: "/redirect"}} state={{url: URL.Url("/login", true)}}    style={{cursor:"pointer",color:"#D6EAF8"}} onClick={() => Logout()}>LOGOUT</NavLink>
+
+                            {/* &nbsp;|&nbsp; <NavLink to={{pathname: "/redirect"}} state={{url: URL.Url("/login", true)}}    style={{cursor:"pointer",color:"#D6EAF8"}} onClick={() => Logout()}>LOGOUT</NavLink> */}
+                            &nbsp;|&nbsp; <a href={"http://localhost:8000/api/reactapi/" + URL.Env() + "/logout"} style={{cursor:"pointer",color:"#D6EAF8"}} onClick={() => Logout()}>LOGOUT</a>
                     </span>):(<span>
                         &nbsp;|&nbsp; <NavLink to={URL.Url("/login?auth", true)} style={{cursor:"pointer",color:"#D6EAF8"}} title="Not logged in. Click to login.">LOGIN</NavLink>
                     </span>)}
diff --git a/react/src/utils/API.js b/react/src/utils/API.js
index 1915f14..6c9d756 100644
--- a/react/src/utils/API.js
+++ b/react/src/utils/API.js
@@ -6,7 +6,7 @@ export const API_BASE_URL_PATH = "/api/reactapi";
 export const getApiBaseUrl = () => {
     let baseDomainUrl;
     if (Utils.isRunningLocally()) {
-        baseDomainUrl = "http://localhost:8000";
+        baseDomainUrl = "http://" + window.location.hostname + ":8000";
     } else {
         baseDomainUrl = window.origin;
     }
diff --git a/react/src/utils/CookieUtils.js b/react/src/utils/CookieUtils.js
index cde2110..1da64b3 100644
--- a/react/src/utils/CookieUtils.js
+++ b/react/src/utils/CookieUtils.js
@@ -92,7 +92,12 @@ export const AuthTokenCookieExists = () => {
         authTokenCookie = GetCookie(_authTokenCookieName);
         console.log("xyzzy:checking authTOken cookie exists: done setting dummy and read");
         console.log(authTokenCookie)
-        return authTokenCookie != "dummy";
+        if (authTokenCookie == "dummy") {
+            DeleteCookie(_authTokenCookieName);
+            return false;
+        }
+        return true;
+
     }
     catch {
         console.log("xyzzy:checking authTOken cookie exists: done setting exception");
diff --git a/react/src/utils/Utils.js b/react/src/utils/Utils.js
index 7e5a2dd..3acdd71 100644
--- a/react/src/utils/Utils.js
+++ b/react/src/utils/Utils.js
@@ -21,7 +21,7 @@ export const isBoolean = (value) => {
 }
 
 export const isRunningLocally = () => {
-    return window.origin?.startsWith("http://localhost:");
+    return window.location.hostname == "localhost" || window.location.hostname == "127.0.0.1";
 }
 
 export const CopyToClipboard = (id) => {
