Hi!

I have an issue with getting logout working in Angular SPA.

• I use angular auth0 SDK
• We use refresher tokens and cache location = localStorage, because Safari did not hold the login
• The ‘Allowed Logout URLs’ is equal to redirectTo parameter of logout function

Here is the code we are using, very straightforward

this.authService.logout({returnTo: environment.baseUrl});

• Everything seems to be working, the page refreshes and the user is no longer logged in
• However, if I simply reload the page or do login with this.authService.loginWithRedirect(); the user is logged immediatelly back in
• On “logout”, neither cookie nor local storage is cleared at all

What am I doing wrong? Do I need to send the client_id and localOnly = false when I log out? I don’t believe it is described anywhere, but I will try that.

Thanks

I forgot to say:

• I am using latest Angular (14) and SDK (1.10.0)

Ok, the addition of client_id and localOnly to logout did NOT help.

this.authService.logout(
      {
        returnTo: environment.baseUrl,
        // eslint-disable-next-line @typescript-eslint/naming-convention
        client_id: environment.auth0Config.clientId,
        localOnly: false
      }
    );

I will also try the last 2 tips from here: Check Login and Logout Issues

Namely

• Make sure that the logout redirect URL is different from the login callback URL.
• Make the logout redirect URL an anonymous page (not protected by login) so that redirects to the logout redirect URL do not immediately trigger a login, which may confuse users.