Microsoft Azure AD won't forget last user (auth0-lock)

jan-at-futr · June 11, 2019, 5:34pm

I have auth0-lock set up to log in through a MS Azure AD portal.

I want it to forget the last logged in user, so that I can switch between users as required for testing and such.

The problem is, despite using { rememberLastLogin: false }, the MS Azure AD portal still auto-logins in through the previously used user automatically — the popup flashes up and disappears again before I’m able to intervene. Help!

const auth = new (Auth0Lock as Auth0LockStatic)(api.auth0ClientId, process.env.AUTH0_DOMAIN as string, {
    auth: {
      redirect: false,
      responseType: 'token id_token',
      params: {
        // AUTH0_ADGROUPS_PROPERTY in JWT required by the server for auth-enabled bots
        scope: `openid ${process.env.AUTH0_ADGROUPS_PROPERTY}`
      },
      sso: false
    },
    rememberLastLogin: false,
    autoclose: true,
    language: api.locale
  });

kstrongholte · January 3, 2020, 10:34pm

When switching between users, are you logging out from the IdP (i.e. Microsoft AD)?

Unless you’re including the federated parameter in your call to the /v2/logout endpoint, only the Auth0 session will be invalidated and subsequent logins asking for AD credentials will use the existing IdP session.

Please take a look at the following articles for more information: