Hi Everyone,
I am using the Auth0 Single Sign-On module in CMS Drupal 8. Please find below the URL of the Auth0 module:
I have done configuration changes with the Auth0 server as well as configurations from the CMS side also. But I am trying to logout from the CMS Drupal website then I am facing the following issue which is given in the screenshot.
I have properly added the allowed logout URL in the Auth0 server configuration but still I am facing issue.
Note: In the screenshot my-domain-name is different it is for reference purpose.
Please let me know if I am missing anything in this…
Hey @adi19rich, Welcome to Auth0 Community!
Can you DM me a HAR file of the logout process in your app?
Regards,
Sidharth
Hi Sidharth,
Please find attched the har file for logout process.
prego-power.us.auth0.com.har (448.9 KB)
Please reply as soon as possible. It is on urgent basis.
Thanks for your response.
Hi Sidharth,
Please let me know if you have any updates…
Hey @adi19rich, In your HAR file, I cannot see the client ID w.r.t to which you made your initial login, can you please DM me your Client ID as well?
Apologies for the thread necromancy but I have been evaluating this module on a clean, local Drupal instance (using Docker and Docksal) and came across the exact same error.
I also managed to resolve it as follows:
- Despite setting the logout URL in the client (
http://localhost
in my case) I was getting the exact same error message. Spoofing the URL, checking logs and doing live logging showed nothing wrong.
- I went to the Tenant settings and the Advanced tab
https://manage.auth0.com/dashboard/eu/<your domain>/tenant/advanced
and populated the Allowed Logout URLs with the same http://localhost
.
- In a new private window, I retried the login to the application and now logout now works.
I can only assume this is an error in the module as reading the help text on that field I see:
A set of URLs that are valid to redirect to after logout from Auth0 when no client_id
is specified on the logout
endpoint invocation. It’s useful as a global list when SSO is enabled. Read more about this at Logout
So from investigation using the network tab of the console I suspect the client_id
parameter is not being sent which explains why when setting this field the system works.
I will raise it here: https://github.com/auth0-community/auth0-drupal/issues/new
Ping @adi19rich
Please see my solution above!