Auth0 Home Blog Docs

Delete cookie on logout - webAuth.authorize();

logout

#1

We have to give our users the option to sign out of our application. This would require them to log back in for further use. However, it appears the auth0 session cookie is not deleted for some reason when implementing the https://YOUR_AUTH0_DOMAIN/v2/logout?returnTo=http%3A%2F%2Fwww.example.com.

Even though the redirect works, the user is automatically logged back in after calling webAuth.authorize(); while you would expect to be asked to re-enter your credentials.
Calling this function for the first time, the user is required to enter username and password. However, they are never required again until the token expires.
Unfortunately, even the examples provided (via download section) do not address this. Any help/guidance is greatly appreciated. Thank you,


#3

Problem is that the logout (session cookie delete) in combination with the re-login happened too fast. Putting a delay on calling webAuth.authorize() showed that the user is successfully logged out. You certainly don’t want to put a delay on this function. In my case I am now forwarding to a “Logged out” page that also offers the option to log back in.