Logout with "returnTo" parameter for social logged in user doesn't work

david.toth · November 4, 2019, 11:18am

I’m using the Single Page Application SDK. I can successfully log in to the application with the Auth0 Universal login, but when trying to log out from our SPA it doesn’t seem to redirect to the URL set by the redirectTo parameter.

I set the client_id parameter correctly
Just to be sure, I even tried with clientId and clientID parameters, but still redirects wrongly
I set the Allowed Logout URLs correctly: http://localhost:3000/auth/logout
For making sure it’s not the client_id problem, I set the Allowed Logout URLs in the Tenant settings as well, but no success
I get back a Success Logout log in the dashboard, which tells me the following:

{
  "date": "2019-11-04T10:51:40.494Z",
  "type": "slo",
  "description": "Redirected to IdP",
  "connection": "facebook",
  "connection_id": "xxx",
  "client_id": "xxx",
  "client_name": "xxx",
  "ip": "xxx",
  "user_agent": "Chrome 78.0.3904 / Mac OS X 10.15.0",
  "details": {
    "return_to": "http://localhost:3000/auth/logout",
    "allowed_logout_url": [
      "http://localhost:3000/auth/logout",
      "http://localhost:3000/auth/signin"
    ],
    "session_id": "xxx",
    "device_id": "xxx"
  },
  "hostname": "xxx.eu.auth0.com",
  "user_id": "xxx",
  "user_name": "xxx@gmail.com",
  "auth0_client": {
    "name": "auth0-spa-js",
    "version": "1.3.2"
  },
  "log_id": "xxx",
  "_id": "xxx",
  "isMobile": false
}

So it seems to be set correctly, however I always get redirected to the Facebook home page in case I’m logged in with Facebook. Same goes to the Google login.

Could you please point me to the right direction?

Guangjie · November 13, 2019, 1:13am

Hi David,

If you would like to set the federated parameter to logout users from external IdP – in your case it’s Google and Facebook – you need to set Client ID and Secret for these providers in the Dashboard for the logout to function properly. You can read this document for further details.

After you have set the the Client ID and Secret, to make the redirectTo work after logout for Facebook, there is additional requirement: Log Users Out of Identity Providers

And Google, unfortunately doesn’t support to redirect after logout: openid - google account logout and redirect - Stack Overflow

konrad.sopala · November 13, 2019, 9:21am

Thanks for sharing your knowledge here @Guangjie!

system · November 28, 2019, 9:21am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logout redirect facebook Get Help logout , react , facebook , redirect	2	7706	March 2, 2018
G Suite Logout Does not Redirect to returnTo url Get Help logout-redirect	1	3699	September 4, 2020
Logout returnTo URL not honored on auth0 connection if federated parameter included in the URL Product Feedback	1	2153	September 22, 2021
Logout redirect return to not working properly Get Help auth0 , logout-redirect	2	12928	January 21, 2021
Logout with redirectTo passes to wrong URL from Allowed Logout URLs Get Help logout	6	5646	January 1, 2019

Logout with "returnTo" parameter for social logged in user doesn't work

Related topics