I’m implementing Auth0 with an Angular SPA and haven’t had much difficulty so far with one exception. For my situation it is possible that more than one user will use the same terminal so I’d like to add the ability to log out completely including the IDP.
I have come across the documentation regarding using a federated query string parameter to the logout string but, at least as far as I know, this is more directed towards a regular web app for example .Net.
However, given that for an SPA I can’t load a different page I’m not clear on how I might do this by either routing or if there is an alternate means via the Auth0 api to accomplish the same end result.
The logout endpoint that can indeed also accept a federated request parameter is applicable both to regular web applications and SPA’s. This endpoint supports redirection to an application URL after completing the logout which would allow for the browser to be navigated back to your applications (Logout).
One thing to consider is that when there are upstream identity providers (like social connections) the federated parameter support depends on the specific upstream identity provider so not all support federated logout (see Log Users Out of Identity Providers).
Are your concerns related to the fact that SDK’s that expose the ability to invoke logout endpoint (like Auth0.js) do so with a redirect in the main browser window? Is that what you hint to when you mention you can’t load a different page?