Redirect Users after Logout

Problem Statement

When logging out of an application, an 'invalid_request' error is thrown even though the URL passed in the "returnTo" parameter is already listed in the application's Allowed Logout URLs.

Symptoms

The error message takes this form:
invalid_request: The "returnTo" querystring parameter "https://login.example.com" is not defined as a valid URL in "Allowed Logout URLs".

Steps to Reproduce

Make a GET request to:

https://YOUR_DOMAIN/v2/logout?redirectTo={DESIRED_URL}

Troubleshooting

A HAR file of the logout flow will show the point at which this error is thrown.

Cause

The client ID was not explicitly given in the application code. As a result, the /logout endpoint could not determine which application the user was attempting to log out from.

Solution

The issue can be fixed by including the client_id parameter in the query string, as shown here:

https://YOUR_DOMAIN/v2/logout?returnTo=http%3A%2F%2Flocalhost%3A85&client_id=YOUR_CLIENT_ID
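The troubleshooting step and the fix above, as an added example that is not part of the original article: it scans a HAR capture for /v2/logout requests, flags those sent without client_id, and builds a correctly encoded logout URL. The HAR excerpt is constructed sample data, and tenant.example.com, diagnoseLogoutUrl, diagnoseHar and buildLogoutUrl are hypothetical names chosen for illustration.

```javascript
// Constructed HAR excerpt (sample data, not a real capture); tenant.example.com is a placeholder.
const SAMPLE_HAR = { log: { entries: [
  { request: { method: "GET", url: "https://tenant.example.com/authorize?client_id=YOUR_CLIENT_ID" } },
  { request: { method: "GET", url: "https://tenant.example.com/v2/logout?returnTo=https%3A%2F%2Flogin.example.com" } },
  { request: { method: "GET", url: "https://tenant.example.com/v2/logout?returnTo=https%3A%2F%2Flogin.example.com&client_id=YOUR_CLIENT_ID" } },
] } };

// Inspect one request URL; returns null for anything that is not a /v2/logout call.
function diagnoseLogoutUrl(rawUrl) {
  let url;
  try { url = new URL(rawUrl); } catch { return null; }
  if (url.pathname !== "/v2/logout") return null;
  const returnTo = url.searchParams.get("returnTo"); // already percent-decoded
  const clientId = url.searchParams.get("client_id");
  const findings = [];
  if (returnTo === null) {
    findings.push("returnTo missing");
  } else {
    try { new URL(returnTo); } catch { findings.push("returnTo is not an absolute URL"); }
  }
  if (!clientId) {
    findings.push("client_id missing: the endpoint cannot tell which application's Allowed Logout URLs apply");
  }
  return { url: rawUrl, returnTo, clientId, findings };
}

// Run the check over every request recorded in a parsed HAR object.
function diagnoseHar(har) {
  return har.log.entries
    .map((entry) => diagnoseLogoutUrl(entry.request.url))
    .filter((result) => result !== null);
}

// Build the logout URL with both parameters; searchParams percent-encodes the values.
function buildLogoutUrl(domain, clientId, returnTo) {
  const url = new URL(`https://${domain}/v2/logout`);
  url.searchParams.set("returnTo", returnTo);
  url.searchParams.set("client_id", clientId);
  return url.toString();
}

for (const r of diagnoseHar(SAMPLE_HAR)) {
  console.log(r.findings.length ? `PROBLEM ${r.url}: ${r.findings.join("; ")}` : `OK ${r.url}`);
}
```

To check a real capture, parse the exported .har file with JSON.parse and pass the result to diagnoseHar.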
