Federated Logout with Google SSO Retains Session

ranchuk · January 20, 2025, 10:00pm

I’m using Auth0 with a SAML (SSO) connection configured for Google Workspace in my Next.js application. While logging in and out works generally well, I’m encountering an issue where logging out of Auth0 does not fully terminate the session with Google.

Here’s the scenario:

A user logs in with user1@domain.com via Google SSO.
The user logs out using the federated parameter in the Auth0 logout URL (/v2/logout?federated).
When attempting to log in with user2@domain.com, Google automatically logs in user1@domain.com without prompting for new credentials.

I’ve already:

Ensured prompt: 'login' is included in the login flow.
Configured the federated parameter in the logout URL.
Tested manually visiting https://accounts.google.com/Logout, which resolves the issue, but I need this behavior integrated automatically.

Despite these efforts, Google’s session remains active after logging out of Auth0. Is there a configuration or additional step required to ensure that federated logout properly terminates the Google session? Any insights or guidance would be appreciated!

sumansaurav · January 21, 2025, 5:45am

Hi @ranchuk ,

You can look at this article and get an idea how to handle this scenario.

I would suggest you to implement custom logout handler that manages Google and Auth0 sessions

Let me know if this doesn’t work.

Topic		Replies	Views
Auth0 Logout also logs me out of Google Help logout , auth0	6	3979	October 11, 2020
Google Workspace users logging out from IdP even when 'federated' parameter is not included Knowledge Articles	1	601	August 10, 2023
Signout operation not signing out completely Help auth0 , spa , login	2	3320	December 14, 2022
Auth0 as Idp with two SP Help sso , application	0	436	February 7, 2024
Auth0 SSO integration for Google Workspace Help application , addons	3	3023	January 20, 2023

Federated Logout with Google SSO Retains Session

Related topics