diff --git a/bin/web/routes/api.js b/bin/web/routes/api.js
index 96c4fe5..1fa6857 100644
--- a/bin/web/routes/api.js
+++ b/bin/web/routes/api.js
@@ -105,6 +105,30 @@ route.post('/authenticate', (req, res) => {
 	// TODO: authenticate
 });
 
+/**
+ * cancel app request and clear it
+ * @url /api/cancel
+ * @method GET
+ */
+route.get('/cancel', (req, res) => {
+	// if user is logged in
+	if(req.session && req.session.user) {
+		req.session.appRequest = {};
+
+		return res.type('json').end(JSON.stringify({
+			status: 200,
+			message: 'msg.request.operation.cancel.successful'
+		}));
+
+	// user isnt logged in
+	} else {
+		return res.type('json').end(JSON.stringify({
+			status: 401,
+			message: 'msg.auth.login.required'
+		}));
+	}
+});
+
 /**
  * redirect user to app
  * @url /api/redirect
diff --git a/bin/web/views/request.pug b/bin/web/views/request.pug
index 35e5689..7dfc775 100644
--- a/bin/web/views/request.pug
+++ b/bin/web/views/request.pug
@@ -21,7 +21,7 @@ append content
 									br
 									i= app.access
 							.uk-card-footer.uk-flex.uk-flex-around
-								a.uk-button.uk-button-default.uk-button-default Cancel
+								button(onclick="cancelRequest()").uk-button.uk-button-default.uk-button-default Cancel
 								a.uk-button.uk-button-default.uk-button-primary(href="/api/redirect?id="+appRequest.appId) Authorize request
 	else
 		include blocks/login.pug
diff --git a/res/web/js/custom.js b/res/web/js/custom.js
index 7d2374b..c12bee1 100644
--- a/res/web/js/custom.js
+++ b/res/web/js/custom.js
@@ -20,7 +20,7 @@ function login() {
 
 			box.classList.remove("uk-hidden");
 			box.classList.add("uk-alert-success");
-			box.classList.getElementsByTagName("p")[0].innerHTML = "Logged in. You will be redirected";
+			box.getElementsByTagName("p")[0].innerHTML = "Logged in. You will be redirected";
 		} else if(json.message && json.message == "msg.auth.login.failed") {
 			box.classList.remove("uk-hidden");
 			box.classList.add("uk-alert-danger");
@@ -41,11 +41,21 @@ function logout() {
 }
 setTimeout(function () {
 	if(document.getElementById("listener_logout")) {
-		console.log("logout");
 		logout();
 	}
 }, 100);
 
+function cancelRequest() {
+	let ajax = new XMLHttpRequest();
+	ajax.open("GET", "/api/cancel", true);
+	ajax.setRequestHeader('Content-Type', 'charset=UTF-8');
+	ajax.send("");
+	ajax.onload = () => {
+		let json = JSON.parse(ajax.responseText);
+		if(json.message && json.message == "msg.request.operation.cancel.successful") window.location.href= "/";
+	};
+}
+
 // @url: https://stackoverflow.com/a/901144
 function getParameterByName(name) {
     let url = window.location.href;