In case user would login with socials on someone’s else device and then would like to logout, federated logout would be needed but it leads to weird behavior (logging out from the app but also from the google account), is it the only way to logout user from the app when they sign in with socials?
This behavior is expected. If you pass federated:true with the logout request, it logs the user out of the app and identity provider (i.e. Google), and on a public device, you would want the user fully logged out of the application and IdP (Google) after a session.
You can log a social user out of the Application layer and the Auth0 layer only by not passing thefederatedparam.
As an aside, I see you’re passing an empty string('') in the federated param. Don’t do this, it is expecting a bool (true or false). I would expect an empty string to return an error, but it may end up evaluated as truth-y and causing unexpected behavior.