Auth0 Home Blog Docs

Logout works for google but not e-mail users

For google authenticated user logout works fine

https://mytenant.eu.auth0.com/authorize?client_id=Htk65H79R0gAqnd2lTw1y6Z1U34Kiqg9&response_type=token%20id_token&redirect_uri=http%3A%2F%2Flocalhost%3A4200%2F&scope=openid%20profile&audience=https%3A%2F%2Fmytenant.eu.auth0.com%2Fapi%2Fv2%2F&state=Unqpdi3N9tnzlCbhPjoRG1oHkOBvsasL&nonce=caF0PO3QVAsVa3ArAzugiul8ksUd6ZfZ

and the location header is:

/login?state=g6Fo2SBUWHRXUzltUkJCTHZKRDRhcXJrMHc2bVEtLU85ZUlISKN0aWTZIDVyWEVqWUF3MzYyQk1iQ004ckM2LUxjcHJVejBjOFRZo2NpZNkgSHRrNjVINzlSMGdBcW5kMmxUdzF5NloxVTM0S2lxZzk&client=Htk65H79R0gAqnd2lTw1y6Z1U34Kiqg9&protocol=oauth2&response_type=token%20id_token&redirect_uri=http%3A%2F%2Flocalhost%3A4200%2F&scope=openid%20profile&audience=https%3A%2F%2Fmytenant.eu.auth0.com%2Fapi%2Fv2%2F&nonce=caF0PO3QVAsVa3ArAzugiul8ksUd6ZfZ

which is good. Same code nothing changed. When I try for normal e-mail users:

https://mytenant.eu.auth0.com/authorize?client_id=Htk65H79R0gAqnd2lTw1y6Z1U34Kiqg9&response_type=token%20id_token&redirect_uri=http%3A%2F%2Flocalhost%3A4200%2F&scope=openid%20profile&audience=https%3A%2F%2Fmytenant.eu.auth0.com%2Fapi%2Fv2%2F&state=xNUaL6tO-9qLEQRU5bIYI~zAp~ehISIM&nonce=Nb66HkeoAqt3bx7mS9l5M3PDrUXnhzN-

the location redirect header causes login again because it’s wrong:

http://localhost:4200/#access_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1VTTBSVFUyT1VZeFFVUTJOa1ZHUWpORFF6RXdRelUzT0VJNE5URkVNamd5UkRRMVJUazVPQSJ9.eyJpc3MiOiJodHRwczovL3dlbnRzeS1zcC5ldS5hdXRoMC5jb20vIiwic3ViIjoiYXV0aDB8NWM2YmYzYmE3ZjAyZjczNzc0M2EwNzViIiwiYXVkIjpbImh0dHBzOi8vd2VudHN5LXNwLmV1LmF1dGgwLmNvbS9hcGkvdjIvIiwiaHR0cHM6Ly93ZW50c3ktc3AuZXUuYXV0aDAuY29tL3VzZXJpbmZvIl0sImlhdCI6MTU1MDU5Mzk2OSwiZXhwIjoxNTUwNjAxMTY5LCJhenAiOiJIdGs2NUg3OVIwZ0FxbmQybFR3MXk2WjFVMzRLaXFnOSIsInNjb3BlIjoib3BlbmlkIHByb2ZpbGUifQ.avntRImVnFE2YOXpAQJrhQ_hsNObmwqI_D0Eft7Bnq7BbJVlnLw4RkxO1qdeAYUCHmdZo-I4AScwCFb3GfsMH-uc4nreif9zqasYJsfgqSB05zX7sAv1ljvy4XmHvw-AJgprgPpBIgiC1KBDVgZ34U4v3uL3B2_1hraAplqaWWkz1JZ7AvpUFcuDPbi1VHMZ5ohSFF6C3Y-nogcKK9m_R3ECeN1w_Kl8cD2Oe7Lw63KHcM35TdVlEM5OfhIxDGQy4k4TGmnParAO4CSdlhq18rPRDJS4TxjQjCWN_eIT0yZ36vg6qx62xvs4DNv8TRr9cCjcH7X0d-SL7_bL6MsDPQ&scope=openid%20profile&expires_in=7200&token_type=Bearer&state=xNUaL6tO-9qLEQRU5bIYI~zAp~ehISIM&id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ik1VTTBSVFUyT1VZeFFVUTJOa1ZHUWpORFF6RXdRelUzT0VJNE5URkVNamd5UkRRMVJUazVPQSJ9.eyJodHRwczovL3dlbnRzeS5jb20vdXNlcl9tZXRhZGF0YSI6eyJuYW1lIjoiRGVuZW1lIiwic3VybmFtZSI6IkRlbmVtZTEyMyJ9LCJuaWNrbmFtZSI6ImZpcmF0a3VjdWsiLCJuYW1lIjoiZmlyYXRrdWN1a0BnbWFpbC5jb20iLCJwaWN0dXJlIjoiaHR0cHM6Ly9zLmdyYXZhdGFyLmNvbS9hdmF0YXIvNDQ2OTU5OThjMGNjZTc0NmQwOTc4ZTRjNzM0MmE2NmQ_cz00ODAmcj1wZyZkPWh0dHBzJTNBJTJGJTJGY2RuLmF1dGgwLmNvbSUyRmF2YXRhcnMlMkZmaS5wbmciLCJ1cGRhdGVkX2F0IjoiMjAxOS0wMi0xOVQxNjozMjozOC43NTRaIiwiaXNzIjoiaHR0cHM6Ly93ZW50c3ktc3AuZXUuYXV0aDAuY29tLyIsInN1YiI6ImF1dGgwfDVjNmJmM2JhN2YwMmY3Mzc3NDNhMDc1YiIsImF1ZCI6Ikh0azY1SDc5UjBnQXFuZDJsVHcxeTZaMVUzNEtpcWc5IiwiaWF0IjoxNTUwNTkzOTY5LCJleHAiOjE1NTA2Mjk5NjksImF0X2hhc2giOiJYR2c2VkR0Wk15MDJ1SDd3M09ob0h3Iiwibm9uY2UiOiJOYjY2SGtlb0FxdDNieDdtUzlsNU0zUERyVVhuaHpOLSJ9.b9laagFqQ-depfRx50M8xkE2vm-cn3IHmqkoRKxlCph3Xbpz1X-GYox-6HX1niIHkKrntLrF_tKEMvXYZUE6bckEivdjxLxyo9uDP1XGfGAay3mvMFpLbD3Wqlp8eGu6KhOuVcPu8nh1r4-vTvDhVy6BuNQzycBNnIYsjFedmenkI8Gb8YACosE-9JdEI6jCuT25MVE9wDp7QthyPx0ZiAMu_D5MBlFzqeaHQSJe_ob2Hqw4ywAjc1IwxlKiQOI46H6MVL0cyjSdCnUKXl5ULDIi2hQDrpqzmsKSOk1OVSNfkCbwIFjeeQkzqn0iOk9q3nJ_AI-tJ8VxAb7eMIw3Bw

So what might be the problem?

The information provided is not sufficient for a definitive answer as that would require an analysis of the HTTP requests being sent by the user-agent.

However, from what you describe and assuming you’re calling /v2/logout in the same exact way for the two cases, the most likely explanation is that you’re using developer keys for the Google connection.

As mentioned at (https://auth0.com/docs/connections/social/devkeys#limitations-of-developer-keys) developer keys won’t support SSO so this can seem equivalent as a logout having worked when in reality it’s the developer keys leading to the behavior you mention.