Remove all SSO cookies when using SAML

ben7 · March 21, 2019, 1:00am

Hi,

I’m stumped with a bug so hoping someone could point me in the right direction.

We are using auth0 with SSO that users use to log in to the Sharefile API and generate an access token. The problem is it seems the auth0 session is not being cleared because the sharefile token returned is always for the previous logged in user.

It works fine if I do it from Chrome Incoginto mode, which is why i think it’s something to do with auth0. I’m hitting the /v2/logout endpoint to log a user out and clearing all session/localStorage/cookies.

Am I missing something?

Thanks!

James.Morrison · March 21, 2019, 1:16pm

Hey there @ben7, I would be happy to take a look at this with you. When you get a chance can you record a HAR file of the current problematic workflow? Be sure to select “Preserve log” to catch redirects and scrub the file of user passwords before passing, I also have included our standard logout documentation for historical reference as we work together to this get this resolved. thanks!

James.Morrison · March 25, 2019, 2:08pm

I wanted to follow up @ben7 and see if you had a chance to snag that HAR file. Please let me know if you have any questions. Thanks!

ben7 · March 25, 2019, 11:33pm

Hi James, sorry for the slow reply. Thanks for your help we fixed the issue - it was on sharefile side.

Thanks.

James.Morrison · March 26, 2019, 1:06pm

I’m glad to hear that it all came together! Please be sure to let us know if you have any questions in the future we can assist with!

James.Morrison · April 10, 2019, 1:06pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.