Hello everyone,
I got an issue with logging users out after I set the AUTH0_COOKIE_DOMAIN environment variable.
After setting it to a .domain.com address (my apps run on subdomains), I wasn’t able to log out correctly. Looking at the /api/auth/me profile site (running on auth.domain.com), I saw that the session data of the user did also not update when changing the app_metadata for example.
A direct call to /api/auth/logout didn’t work and redirected me to my application (which needs authentication, so it was clear that the logout didn’t log me out)
I got it fixed by manually removing the cookies, but I hardly doubt that this is actually a solution.
Does someone know what exactly the issue was and how I could fixed it correctly?