I have a react SPA using auth0 SP with a SAML auth0 Idp for authentication. The login authentication is working great. the problem is the logout, when users click on a logout button, it triggers the
logout auth0 hook, which i think It calls the
v2/logout endpoint, and it redirects the users to the logout callback, the problem is that the auth0 cookies are not being cleared out, so if the user tries to log in again, it is automatically signed in without prompting credentials. When I manually clean the cookies after each logout the app behaves the way it’s supposed to.
I tried setting the session expiration from 36000 to 60 seconds, but that didn’t help. I also tried using the
v2/logout as shown here Authentication API Explorer, but it didnt work.