returnTo Does Not Work when Performing a Federated Logout with a Google Connection

Overview

When performing federated logout, the application does not redirect to the login page as expected after logging out of a Google Workforce connection.

The format of the logout call is along the lines of https:///v2/logout?federated&returnTo=&client_id=;

Applies To

• Federated Logout
• Google Connection

Cause

This documentation mentions that:

• The behavior of federated logouts with social providers is inconsistent. Each provider will handle the returnTo parameter differently, and for some, it will not work. Please check the social provider’s settings to determine how it will behave.

Solution

Unfortunately, it is a known issue with Google logout — google does not support/honour the returnTo URL if it’s not a google.com domain.

This is not something that can be controlled within Auth0 since the request has been passed to the IdP authority.

Related References

• G Suite Logout Does not Redirect to returnTo URL
• How to redirect user back to my app when doing Auth0/Google federated SSO logout?
• Google Account Logout and Redirect