diff --git a/crates/frontend/public/templates/pages/user.html b/crates/frontend/public/templates/pages/user.html
index 83cffee..5defe35 100644
--- a/crates/frontend/public/templates/pages/user.html
+++ b/crates/frontend/public/templates/pages/user.html
@@ -54,6 +54,9 @@ li.collection-list-item {
 }
 </style>
 <h1>Welcome {{ user_id }}!</h1>
+  <form method="POST" action="/frontend/logout">
+    <button type="submit">Log out</button>
+  </form>
 
 <h2>Calendars</h2>
 <ul>
diff --git a/crates/frontend/src/lib.rs b/crates/frontend/src/lib.rs
index d0e7a69..ccd09f6 100644
--- a/crates/frontend/src/lib.rs
+++ b/crates/frontend/src/lib.rs
@@ -16,7 +16,7 @@ use oidc::{route_get_oidc, route_get_oidc_callback};
 use routes::{
     addressbook::{route_addressbook, route_addressbook_restore},
     calendar::{route_calendar, route_calendar_restore},
-    login::{route_get_login, route_post_login},
+    login::{route_get_login, route_post_login, route_post_logout},
 };
 use rustical_store::{
     Addressbook, AddressbookStore, Calendar, CalendarStore,
@@ -162,6 +162,11 @@ pub fn configure_frontend<AP: AuthenticationProvider, CS: CalendarStore, AS: Add
                     .route(web::method(Method::GET).to(route_get_login))
                     .route(web::method(Method::POST).to(route_post_login::<AP>)),
             )
+            .service(
+                web::resource("/logout")
+                    .name("frontend_logout")
+                    .route(web::method(Method::POST).to(route_post_logout)),
+            )
             .service(
                 web::resource("/login/oidc")
                     .name("frontend_login_oidc")
diff --git a/crates/frontend/src/routes/login.rs b/crates/frontend/src/routes/login.rs
index ee24925..1442075 100644
--- a/crates/frontend/src/routes/login.rs
+++ b/crates/frontend/src/routes/login.rs
@@ -54,3 +54,8 @@ pub async fn route_post_login<AP: AuthenticationProvider>(
         ErrorUnauthorized("Unauthorized").error_response()
     }
 }
+
+pub async fn route_post_logout(req: HttpRequest, session: Session) -> Redirect {
+    session.remove("user");
+    Redirect::to(req.url_for_static("frontend_login").unwrap().to_string()).see_other()
+}