Redirect Users after Logout

Last Updated: Nov 13, 2024

Overview

When logging out of an application, an invalid_request error is thrown even though the URL value in the “returnTo” is already part of the Allowed Logout URLs in the application.

The error message takes this form:

invalid_request: The “returnTo” querystring parameter “https://login.example.com” is not defined as a valid URL in “Allowed Logout URLs”.

Applies To

  • Logout
  • Invalid Request
  • Logout Error

Cause

The client ID was not explicitly given in the application code. As a result, the /logout endpoint could not determine which application the user was attempting to log out from.

Solution

The issue can be fixed by including the client_id parameter in the string, as shown here:

https://YOUR_DOMAIN/v2/logout?returnTo=http%3A%2F%2Flocalhost%3A85&client_id=*YOUR_CLIENT_ID*

Related References

1 Like