Logout functionality is not working with Drupal 8 Auth0 module

Hi Everyone,

I am using the Auth0 Single Sign-On module in CMS Drupal 8. Please find below the URL of the Auth0 module:

I have done configuration changes with the Auth0 server as well as configurations from the CMS side also. But I am trying to logout from the CMS Drupal website then I am facing the following issue which is given in the screenshot.

I have properly added the allowed logout URL in the Auth0 server configuration but still I am facing issue.

Note: In the screenshot my-domain-name is different it is for reference purpose.

Please let me know if I am missing anything in this…

Hey @adi19rich, Welcome to Auth0 Community!

Can you DM me a HAR file of the logout process in your app?

Regards,
Sidharth

Hi Sidharth,

Please find attched the har file for logout process.
prego-power.us.auth0.com.har (448.9 KB)

Please reply as soon as possible. It is on urgent basis.
Thanks for your response.

Hi Sidharth,

Please let me know if you have any updates…

Hey @adi19rich, In your HAR file, I cannot see the client ID w.r.t to which you made your initial login, can you please DM me your Client ID as well?

Apologies for the thread necromancy but I have been evaluating this module on a clean, local Drupal instance (using Docker and Docksal) and came across the exact same error.

I also managed to resolve it as follows:

  1. Despite setting the logout URL in the client (http://localhost in my case) I was getting the exact same error message. Spoofing the URL, checking logs and doing live logging showed nothing wrong.
  2. I went to the Tenant settings and the Advanced tab https://manage.auth0.com/dashboard/eu/<your domain>/tenant/advanced and populated the Allowed Logout URLs with the same http://localhost.
  3. In a new private window, I retried the login to the application and now logout now works.

I can only assume this is an error in the module as reading the help text on that field I see:

A set of URLs that are valid to redirect to after logout from Auth0 when no client_id is specified on the logout endpoint invocation. It’s useful as a global list when SSO is enabled. Read more about this at Logout

So from investigation using the network tab of the console I suspect the client_id parameter is not being sent which explains why when setting this field the system works.

I will raise it here: https://github.com/auth0-community/auth0-drupal/issues/new

Ping @adi19rich

Please see my solution above!