Logout fails suddenly

Hi! I am using the universal login for my application. I have google oauth social connection and using a custom domain. My application is NodeJS+express+express-openid-connect. Sign in works fine and logout has been working fine but suddenly I start getting an error page when trying to sign out. Error details show invalid_request : Invalid id_token_hint

My configuration for express-openid-connect is :

const authConfig = {
authRequired: false,
auth0Logout: true,
idpLogout: true,
secret: process.env.AUTH_SECRET,
baseURL: process.env.AUTH_BASE,
clientID: process.env.AUTH_CLIENT,
issuerBaseURL: process.env.AUTH_ISSUER,
routes: {
postLogoutRedirect: ā€˜/startā€™
}
}

Any idea why this is suddenly failing?

2 Likes

Hey, I think weā€™re having the same issue. I get the same error message:
Error details show invalid_request : Invalid id_token_hint.

I tried deleting the id_token_hint query string and then I see:
invalid_request : The "post_logout_redirect_uri" querystring parameter "<<< app url >>>" is not defined as a valid URL in "Allowed Logout URLs". To add a new URL, please do it here: https://manage.auth0.com/#/account/advanced

But the app url is definitely included in ā€œAllowed Logout URLsā€.
Iā€™m pretty sure logout was still working just a few hours ago.

Yes it seems this error has occurred mysteriously today without any real reason. I am waiting for Auth0 support to get back on this! Let me know if you find a solution or workaround!

Weā€™re having the same issue and got feedback from Auth0 support saying that they are investigating and multiple clients have this issue as of now.

Noticed that if you set the ISSUER and BASE environment variables to the URLs provided by Auth0 (non-custom domains), the log out works perfectly fine.

Ah thanks! Thatā€™s good to know! I am also talking to support, I have provided express lib version and an export of the request details. Hoping this can be resolved without reverting back to using auth0 domains.