Hi @finnbai!
It sounds like the primary issue might be the app re-initializing on logout? Just looking at our sample app I’m unable to reproduce this behavior.
FWIW refresh token rotation is the preferred mechanism in a SPA app as revoking the refresh token actually destroys the entire grant itself - This results in user consent being lost and requiring the user to consent again on the subsequent login. The Angular SDK should remove any local copy of the RT, so unless you suspect leaks there really shouldn’t be any reason to fully revoke.
Some more on best practices here:
Hope this helps!