Overview
This article explains why an Auth0 session may fail to terminate after navigating to the OpenID Connect (OIDC) or v2 logout endpoint when a custom domain is configured.
Applies To
- Auth0 Authentication
- Sessions
- Logout
- Custom Domains
Cause
Starting a login flow with an authorize request on a custom domain and then using the logout endpoint with the canonical domain, or vice versa, prevents the user session from terminating.
Solution
To ensure OpenID Connect (OIDC) and v2 logouts successfully terminate Auth0 user sessions, the entire login flow, including the authorize request and the logout endpoint call, must consistently use either only the canonical domain or only the configured custom domain.
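A configuration check for the rule above, as an added example that is not Auth0's own code: it takes the endpoint URLs an application is configured to call and reports any logout URL whose host differs from the host used for the authorize request. The hostnames and function names are constructed for illustration.

```javascript
// Added example: flag Auth0 endpoint URLs that mix the canonical and custom domain.
// Hostnames below are constructed placeholders, not real tenants.

// Endpoints that begin or end an Auth0 session in the flows this article covers.
const SESSION_PATHS = ['/authorize', '/v2/logout', '/oidc/logout'];

// Extract host and path for every configured URL that targets a session endpoint.
function sessionEndpoints(urls) {
  const found = [];
  for (const raw of urls) {
    let u;
    try {
      u = new URL(raw);
    } catch {
      continue; // skip values that are not absolute URLs
    }
    const path = u.pathname.replace(/\/+$/, ''); // tolerate a trailing slash
    if (SESSION_PATHS.includes(path)) {
      found.push({ host: u.host, path, url: raw });
    }
  }
  return found;
}

// A logout URL is mismatched when its host is not a host used for /authorize.
function checkLogoutDomainConsistency(urls) {
  const endpoints = sessionEndpoints(urls);
  const authorizeHosts = new Set(
    endpoints.filter((e) => e.path === '/authorize').map((e) => e.host)
  );
  const mismatched = endpoints.filter(
    (e) => e.path !== '/authorize' && authorizeHosts.size > 0 && !authorizeHosts.has(e.host)
  );
  return {
    consistent: mismatched.length === 0 && authorizeHosts.size <= 1,
    authorizeHosts: [...authorizeHosts],
    mismatched,
  };
}

// Constructed sample: login on the custom domain, logout on the canonical domain.
const SAMPLE_MIXED = [
  'https://login.example.com/authorize?client_id=abc&response_type=code',
  'https://example-tenant.us.auth0.com/v2/logout?client_id=abc',
];
console.log(JSON.stringify(checkLogoutDomainConsistency(SAMPLE_MIXED), null, 2));
```

Running the check against an application's configured URLs in CI catches the mismatch before users report sessions that survive logout.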