I’m not using the ‘auth0.js’ cuz I’m building a regular web app with token based authentication. I try calling this
GET https://YOUR_AUTH0_DOMAIN/v2/logout?
client_id=YOUR_CLIENT_ID&
returnTo=LOGOUT_URL
in my front-end and back-end, but nothing seem to work cuz I still can login straight away without going through the permission asking page of IdP at least.
Am I missing something? is it the ‘auth0Client’ query parameter?
I seem to be having trouble clearing Auth0 session data cuz after logging out, I still can go straight to my app when calling the /authorize again.
In my react, I log out like this:
logout = () => {
localStorage.removeItem("expires_at");
goFetch("/logout"); // will call my server to remove the access_token cookie
window.location.href = `https://mari.eu.auth0.com/v2/logout?client_id=${
process.env.AUTH0_CLIENT_ID
}&returnTo=http://localhost:8081/`;
};
Here I clear the cookie in my nodejs:
server.get("/logout", (req, res) => {
// removes cookie by setting expires date to the past
res.cookie("access_token", "", {
expires: new Date(0),
path: "/"
});
});
And I sign up/sign in with google in my landing page:
Sorry for such huge delay in response! We’re doing our best in providing you with best developer support experience out there, but sometimes our bandwidth is not enough comparing to the number of incoming questions.
Wanted to reach out to know if you still require further assistance?