OIDC-client and Auth0: How to log out correctly?

askhat · May 30, 2019, 7:37pm

Hi everyone,

I was wondering if there are any identitymodel/oidc-client-js users as myself. Generally, I’m satisfied with this library. However, I’m stuck with logging out implementation.

Since UserMangerSettings does not include returnTo parameter, replacing it with post_logout_redirect_uri, I had to override metadata property

const manager = new UserManager({
  // config
  metadata: {
    end_session_endpoint: `${authority}/v2/logout?returnTo=${encodeURIComponent(window.location.origin)}`
  }
}

When I call manager.signoutRedirect(), the browser being redirected to seemingly correct URL, such as

https://{tenant}.auth0.com/v2/logout?returnTo=http%3A%2F%2Flocalhost%3A3000&id_token_hint=...

But, I’m still getting this error

Perhaps, I’m not seeing something obvious here, or is it just not working properly?

Which is strange because I have set Allowed Logout URLs

cabernet · July 24, 2019, 6:36pm

@askhat, you need to either include the client_id URL parameter on the returnTo URL, or add your logout callback URL to the allowed logout URLs at the tenant level.

See https://auth0.com/docs/api/authentication?javascript#logout

system · August 8, 2019, 6:36pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.