How to Enable the OIDC Logout URL in the Discovery URL

Overview

This article explains how to enable the Open ID Connect (OIDC) logout URL to be available in the OIDC discovery endpoint.

curl -X GET https://acme.eu.auth0.com/.well-known/openid-configuration
{
  "issuer": "https://acme.eu.auth0.com/",
  "authorization_endpoint": "https://acme.eu.auth0.com/authorize",
  ...
  "end_session_endpoint": "https://acme.eu.auth0.com/oidc/logout"
}

Applies To

  • Open ID Connect (OIDC)
  • Logout URL

Cause

The Relying Party (RP)-initiated logout endpoint, also known as the OIDC Endpoint logout endpoint, is currently available for all Auth0 tenants. For Auth0 tenants created on or after 14 November 2023, RP-Initiated Logout End Session Endpoint Discovery is enabled by default.

Solution

Follow the video or steps below.

The OIDC Logout URL can be enabled in two ways:

  • Auth0 Dashboard
  • Management API

Auth0 Dashboard

  1. Open the Auth0 Dashboard.
  2. Navigate to Settings > Advanced.
  3. Enable the toggle for RP-Initiated Logout End Session Endpoint Discovery.
  4. Click Save.

Management API

  1. By using the Update tenant settings Management API:
  2. Set rp_logout_end_session_endpoint_discovery to true, E.g,
{
  "oidc_logout": {
    "rp_logout_end_session_endpoint_discovery": true
  }
}

Related References