It can be done, but you’ll have to work for it
The Custom Social Connections extension works by providing a user interface that under the hood creates a connection with an oauth2
strategy using Management API v2. If you create a connection and then use Management API v2 to read it, you’ll see something like this:
{
"id": "{the_connection_id}",
"options": {
"domain_aliases": [
],
"client_id": "xxxx",
"client_secret": "xxxx",
"scripts": {
"fetchUserProfile": "[...] // the script"
},
"authorizationURL": "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
"tokenURL": "https://login.microsoftonline.com/common/oauth2/v2.0/token",
"scope": "openid email https://graph.microsoft.com/User.Read https://graph.microsoft.com/Mail.Read"
},
"strategy": "oauth2",
"name": "{the_connection_name}",
"is_domain_connection": false,
"realms": [
"{the_connection_name}"
],
"enabled_clients": [
// the list of client ids for which the connection is enabled
]
}
Now, if you want logout support, you will have to use the Management API v2’s PATCH connection endpoint to add either:
-
options.logoutUrl
and set it to a fixed logout URL value. -
options.scripts. getLogoutUrl
which takes a script capable of dynamically generating the logout URL based on the context (e.g. areturnTo
URL that you might want to provide). This script should be of thefunction(query, callback)
format, wherequery
will be an object that contains the query string that initiated the logout request. If successful, the script should returncallback(null, theLogoutUrl)
.
Remember that when changing the options
object you need to provide the full content, so you will have to read it first, add the new property, and send the full object in the body of the PATCH
request. E.g.:
PATCH /api/v2/connections/{connection_id}
{
"options" : {
[...] // all existing options,
"logoutUrl": "https://myidp.com/end_session"
}
}
Also, if you use the UI after setting any of these options and click Save, the custom property you set before will be lost.
I’ve added a GH issue requesting direct support for this in the UI: Support for logout · Issue #32 · auth0/custom-social-connections · GitHub. No ETA or anything like that, just to keep track of it.