When a user logs out of the app, they’re successfully being logged out of the application, but not out of Auth0. So if they click the login link again, it remembers the user and automatically logs them back in without having to enter their credentials.
The logout URL that the user visits when clicking Logout in the application is:
https://{{my tenant}}.auth0.com/v2/logout?federated&client_id={{my client id}}&returnTo=https://{{my website}}
It redirects them back to my site as expected. Trying to access any pages that required a logged in user can’t be accessed. However, once you to back to the login page (https://domain.com/login) and click the Login at {idp} button, it auto logs you back in and redirects you back to our site.
If it makes a difference, we’re using PingFederate as the Enterprise Connection.