Logout does not work in Angular SPA

Hi!

I have an issue with getting logout working in Angular SPA.

  • I use angular auth0 SDK
  • We use refresher tokens and cache location = localStorage, because Safari did not hold the login
  • The ‘Allowed Logout URLs’ is equal to redirectTo parameter of logout function

Here is the code we are using, very straightforward

this.authService.logout({returnTo: environment.baseUrl});
  • Everything seems to be working, the page refreshes and the user is no longer logged in
  • However, if I simply reload the page or do login with this.authService.loginWithRedirect(); the user is logged immediatelly back in
  • On “logout”, neither cookie nor local storage is cleared at all

What am I doing wrong? Do I need to send the client_id and localOnly = false when I log out? I don’t believe it is described anywhere, but I will try that.

Thanks

I forgot to say:

  • I am using latest Angular (14) and SDK (1.10.0)

Ok, the addition of client_id and localOnly to logout did NOT help.

this.authService.logout(
      {
        returnTo: environment.baseUrl,
        // eslint-disable-next-line @typescript-eslint/naming-convention
        client_id: environment.auth0Config.clientId,
        localOnly: false
      }
    );

I will also try the last 2 tips from here: Check Login and Logout Issues

Namely

  • Make sure that the logout redirect URL is different from the login callback URL.
  • Make the logout redirect URL an anonymous page (not protected by login) so that redirects to the logout redirect URL do not immediately trigger a login, which may confuse users.

So, it seems the issue was that I had the onClick handler on an anchor element (a) with empty href attribute:

<a href="" ng-click="authService.logout(...)">Logout</a>

At least after changing this to a span element, the issues stopped. So, if anyone has similar issues, you can try this first.

1 Like