Hi
I am following up this => Logout on universal login
It is not working. If I logout, i am redirected to auth0, and it auto login without asking me anything.
Regards,
Stéphane.
Hi
I am following up this => Logout on universal login
It is not working. If I logout, i am redirected to auth0, and it auto login without asking me anything.
Regards,
Stéphane.
Hi @stefdelec
Are you sure you are invoking https:///v2/logout ? That should terminate your auth0 session and prevent the silent auth you are seeing.
John
I am invoking “logout” from @auth0/auth0-angular.
Ooops, text formatting messed up my URL.
Open developer tools on the web page for your app, and log out, and verify that the https://auth0-tenant-name/v2/logout is being invoked. (auth0-tenant-name is the name of your tenant)
If it is not, that is the issue. If it is, something else is going on.
Also using dev tools, look at the calls when it is redirecting - try to identify exactly where the user is being logged in without asking for credentials.
John
Thanks for helping on this one John!
https://myname.eu.auth0.com/v2/logout?client_id=
I don’t understand why there are cancel as I ‘await’.
Any updates on this issue? I am also running into this behavior sporadically (and numerous logout attempts are required to be able to log out successfully).
In addition to a cancelled logout request, there is an immediately following request to /authorize with a 302 status which I believe is the one redirecting back to the domain after logging out.
As far as I can tell the user is properly being logging out from the application, and have only started experiencing it in the last 2 weeks. Is there anything I can do on my end to troubleshoot this issue further? It’s hard to consistently reproduce this issue, and the application code is only using the following snippet to log out:
const { logout: auth0Logout } = useAuth0()
useEffect(() => {
auth0Logout({
returnTo: window.location.origin,
})
}, [auth0Logout])
Hi, I have the same issue as described by Stephane. Could you outline a no-code method to effectively terminate the session and prevent what you are calling ‘silent auth’ ?
Thanks!