I am using auth0-spa-js and I am working on SSO. Seamless SSO is enabled but when I want to do a logout it is redirecting me to the login page and prompting me for user credentials (which is correct) but when I give my user credentials it always picks up the previous user name, for example, if my previous user is abc@something.com and after I logout and login again as xyz@something.com it shows name as abc@something.com (previous user)
I am not clearing any application session or Auth0 session from my code.
Hi @rishiban.ramesh,
If you are using an external IDP:
If the user still has a valid session on the external IDP, then when they are forwarded onto the External IDP it can recognise their first session and passes back abc@something.com’s profile to Auth0.
We have the federated logout option, but not all IDPs support this, so you may need to code into your app another call to your IDP to also end the user’s session with them.
In addition / Not using an external IDP:
Also, calling the Auth0 logout endpoint will only end the Auth0 session, but if you have an application session, you will need to also clear the application session when the user initiates the logout. - Logout
Otherwise your app may still treat them as logged in with the previous user
1 Like