I’ve implemented auth0-spa-js as per the quick start:
And here’s my call to auth0Client.logout():
The problem is that when I logout, it does not actually log me out of auth0, even when I pass federated: true. If I click login, it’ll automatically login without needing to re-enter my credentials, as it’s still logged into auth0 (but not the application).
Here’s a video illustrating the problem:
Post-logout, it should not still be logged in at auth0.
As a first step, if you haven’t done so already, it would be helpful to confirm what happens at the network level once the logout action is triggered. In order to logout from Auth0 you would need to seen an outgoing request to the logout endpoint so can you confirm in the browser network tools if such request is issued?