Logout returnTo URL not honored on auth0 connection if federated parameter included in the URL

When logging out of auth0 (having logged in with facebook) honor the returnTo URL even if the federated parameter is set.

This request is for Auth0 to treat facebook connections as if enable SignOut were false (since facebook does not support signout) and redirect back to the returnTo URL specified in the logout request after logout.

I have to pass “federated=true” because some of my users are using SAML and have enabled SignOut. My application does not know at logout time how the user initially connected. That information however is available to auth0.

We support multiple login methods - facebook, google and saml with several enterprise partners. Because of the current auth0 behavior, I have to retain somewhere, a cookie, or database, how the current session was logged in, so that I can omit “federated” parameter on the logout request if it’s facebook. If Auth0 were to implement this feature request, then the logout URL would be the same no matter which connection was used.

Hey there!

Thanks for putting together this feedback item! Let’s see how many community member will be interested in such improvement!