Reputation: 21426
Context:
auth0.logout()
below refers to the auth0-js library which is included in my app as a dependency of the auth0-lock library. My webpack config is pinning auth0-lock to v10.18.0.Problem:
When logging out, if the user doesn't want to be logged out of their Google sign-in session, I execute this code:
auth0js.logout({
returnTo: "http://localhost:8080"
});
This works fine, logs the user out of their Auth0 sign-in session, redirects the browser to localhost and the Google sign-in is left intact (user can re-authenticate with my app using Google creds without having to enter login details).
If the user explicitly indicates they also want to be logged out of their Google sign-in session as well, I execute this code:
auth0js.logout({
returnTo: "http://localhost:8080",
federated: true
});
The "sign out" part of this works, the user will be logged out of both the Auth0 and Google sign-in sessions. But the browser ends up being redirected to the Google account page (where google will ask them for their credentials, since they were signed out of their Google session).
Question:
Can anyone provide an idea on how I can force the Google-logout flow redirect back to my app instead of the Google account page? Or is this something that Google is doing on purpose (i.e. there is no way to get Google federated sign-out to redirect to my app)?
Upvotes: 0
Views: 1053
Reputation: 7054
Unfortunately, the returnTo URL available for some connection types is not available for Google social connections.
Upvotes: 2