If the application layer is not being terminated, that would be true, however, since you are using a React, you should be able to use the logout() method. The `logout() method from Auth0 React SDK clears the application session and redirects to the Auth0 /v2/logout endpoint to clear the Auth0 session.
You can pass an object argument to logout() to customize the logout behavior of the React application.
This can be achieved as follows:
import { useAuth0 } from "@auth0/auth0-react";
import React from "react";
export const LogoutButton = () => {
const { logout } = useAuth0();
const handleLogout = () => {
logout({
logoutParams: {
returnTo: window.location.origin,
},
});
};
return (
<button className="button__logout" onClick={handleLogout}>
Log Out
</button>
);
};
Also, in our React Native SDK, you have the clearSession() method to clear the session from the authorization server:
const LogoutButton = () => {
const {clearSession} = useAuth0();
const onPress = async () => {
try {
await clearSession();
} catch (e) {
console.log(e);
}
};
return <Button onPress={onPress} title="Log out" />
}
Alternatively, you can implement Refresh Token Rotation in your application.
You can also review this knowledge article regarding Logging out after Password Change.
If you have any other questions or issues with your implementation, please let us know!
Kind Regards,
Nik