We have a master application that takes care of talking to Auth0 for registration, login and logout.
We have another client application which will just do silent authentication to check if a user is logged in and if yes, create an application session and if no, redirect the user to login from the main application. - This is working well.
What is not working is:
When the user logs out from the master application or any other client application, the current application on its next check with Auth0 from the back-end should be able to know that the user has logged out and therefore should be able to destroy the application session. I do not find any API or a procedure to get this done from the back-end. We do not fully trust front-end applications when it comes to session handling and checking. Therefore, we need to have the check happening from the front-end.
Any help will be appreciated.