Auth0 Home Blog Docs

(Logging out) How do I get the 'auth0Client' value without using auth0.js

logout
auth0
#1

I’m not using the ‘auth0.js’ cuz I’m building a regular web app with token based authentication. I try calling this

GET https://YOUR_AUTH0_DOMAIN/v2/logout?
  client_id=YOUR_CLIENT_ID&
  returnTo=LOGOUT_URL

in my front-end and back-end, but nothing seem to work cuz I still can login straight away without going through the permission asking page of IdP at least.

Am I missing something? is it the ‘auth0Client’ query parameter?

#2

Hello @oldjoy,

Are you making sure to clear both the app and Auth0 session data? (and IdP session if you are using an external IdP?)

#3

Thanks @markd for the response.

I’m authenticating with google IdP.

I seem to be having trouble clearing Auth0 session data cuz after logging out, I still can go straight to my app when calling the /authorize again.

In my react, I log out like this:

logout = () => {
    localStorage.removeItem("expires_at");
    goFetch("/logout");   // will call my server to remove the access_token cookie
    
    window.location.href = `https://mari.eu.auth0.com/v2/logout?client_id=${
      process.env.AUTH0_CLIENT_ID
    }&returnTo=http://localhost:8081/`;
  };

Here I clear the cookie in my nodejs:

server.get("/logout", (req, res) => {
  // removes cookie by setting expires date to the past
  res.cookie("access_token", "", {
    expires: new Date(0),
    path: "/"
  });
});

And I sign up/sign in with google in my landing page:

<a href="https://mari.eu.auth0.com/authorize?response_type=code&amp;scope=openid profile offline_access&amp;client_id=ID&amp;connection=google-oauth2&amp;redirect_uri=http://localhost:3000/callback&amp;audience=http://localhost:3000"&gt;Signup />