I’m using the
auth0-js-spa SDK in my application. I have a unique use case: log the user out, remain on the same page, and perform an additional API call. I do not wish to use any redirects for the logout process.
I’ve noticed that using
openUrl: false clears my app’s state but not the Auth0 session. From what I understand,
/v2/logout is the URL responsible for clearing the Auth0 session, and it appears that when
openUrl is specified as false, the SDK doesn’t visit the logout URL.
What I’ve Tried:
I experimented with passing a function to
openUrl that opens
/v2/logout in a hidden iframe. It seems to clear the Auth0 session, but I want to ensure that this is a robust solution.
- Does Auth0 natively support the use case described above?
- Is the hidden iframe approach a robust solution for clearing the Auth0 session, or are there better alternatives?
Any guidance or suggestions would be highly appreciated