Logout with "returnTo" parameter for social logged in user doesn't work

I’m using the Single Page Application SDK. I can successfully log in to the application with the Auth0 Universal login, but when trying to log out from our SPA it doesn’t seem to redirect to the URL set by the redirectTo parameter.

  • I set the client_id parameter correctly
  • Just to be sure, I even tried with clientId and clientID parameters, but still redirects wrongly
  • I set the Allowed Logout URLs correctly: http://localhost:3000/auth/logout
  • For making sure it’s not the client_id problem, I set the Allowed Logout URLs in the Tenant settings as well, but no success
  • I get back a Success Logout log in the dashboard, which tells me the following:
{
  "date": "2019-11-04T10:51:40.494Z",
  "type": "slo",
  "description": "Redirected to IdP",
  "connection": "facebook",
  "connection_id": "xxx",
  "client_id": "xxx",
  "client_name": "xxx",
  "ip": "xxx",
  "user_agent": "Chrome 78.0.3904 / Mac OS X 10.15.0",
  "details": {
    "return_to": "http://localhost:3000/auth/logout",
    "allowed_logout_url": [
      "http://localhost:3000/auth/logout",
      "http://localhost:3000/auth/signin"
    ],
    "session_id": "xxx",
    "device_id": "xxx"
  },
  "hostname": "xxx.eu.auth0.com",
  "user_id": "xxx",
  "user_name": "xxx@gmail.com",
  "auth0_client": {
    "name": "auth0-spa-js",
    "version": "1.3.2"
  },
  "log_id": "xxx",
  "_id": "xxx",
  "isMobile": false
}

So it seems to be set correctly, however I always get redirected to the Facebook home page in case I’m logged in with Facebook. Same goes to the Google login.

Could you please point me to the right direction?

Hi David,

If you would like to set the federated parameter to logout users from external IdP – in your case it’s Google and Facebook – you need to set Client ID and Secret for these providers in the Dashboard for the logout to function properly. You can read this document for further details.

After you have set the the Client ID and Secret, to make the redirectTo work after logout for Facebook, there is additional requirement: Log Users Out of Identity Providers

And Google, unfortunately doesn’t support to redirect after logout: openid - google account logout and redirect - Stack Overflow

1 Like

Thanks for sharing your knowledge here @Guangjie!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.