Hi! I’m trying to find a way to log the user out of auth0 session after getting 401 response from the API. What I do is I call window.location.assign('/api/auth/logout') after unauthorized response (because app session expired) but I don’t get logged out from auth0 session. This case is handled in this file nextjs-auth0/logout.ts at main · auth0/nextjs-auth0 · GitHub and it looks like condition on line 27 is true (when this is called after getting 401 response earlier from the API) so endSessionUrl is not called and user is not logged out of auth0 session.
After calling /api/auth/logout when the user is logged in in the app, same condition is false and the user gets logged out of auth0 session.
So my question is, is there any way to achieve what I want? And if it’s not supported do you think it makes sense to handle such case?
I’m experiencing the same issue. After following this example, once the user logs in, and are redirected to the unauthorized page, the client is unable to fully logout.
From what I’ve gathered, there are cookies being stored at https://.auth0.com/ and they are not being deleted despite visiting /api/auth/logout. Of course, it’s not possible to delete them from the main application because the different urls do not have access to such cookies.
My colleague found another community forum post about this same issue and the solution was to add this authorizationParams: { prompt: 'login' }, to the handleLogin function.