The signon operation is working fine, however we have some issues with out logout operation.
The workflow of signin and signout operation is as follows
- User navigate to a page appUrl/external-login. It redirects the user to Auth0 universal login and from there to IdP for authenticating user.
- Once user is authenticated we authorize API using access token and redirect user to relevent pages based on there roles.
- On logout button click event, we fire AuthService.logout() and clear all application level session and cache data.
- User is redirected to appUrl/external-login page and user is displayed the auth0 Universal login page
- When user enters his/her email, then user is directly logged in without navigating to IdP.
We tried to add federated option in logout method as following and in the saml enterprise connection checked the Enable Sign Out option to enable to logout from IdP as well. However this also doesn’t seems to have any effect.
this.auth.logout({federated: true, client_id: ‘xyz’});
I tried to find out how to delete the auth0 session cookie, but doesn’t find any reference. On tenant settings I do see setting Session Cookie Mode to Non-persistant session, but it seems to invalidate a session cookie when the browser is closed. How to invalidate when user clicks on logout button.