Reputation: 43
ADB2C with authentication/logout not working in Blazor
When using ADB2C for authentication in a Blazor Webassembly project, the authentication/logout seems to log out and shows a page with the request to close all browsers. Anyway if the user just uses the back button in the browser she/he is still able to access the contents and is treated as still loged-on. So, how to get a real logout?
Upvotes: 0
Views: 1692
Answers (1)
Reputation: 2447
While directing the user to the end_session_endpoint will clear some of the user's single sign-on state with Azure AD B2C, it will not sign the user out of the user's social identity provider (IDP) session. If the user selects the same IDP during a subsequent sign-in, they will be reauthenticated, without entering their credentials. If a user wants to sign out of your B2C application, it does not necessarily mean they want to sign out of their Facebook account entirely. However, in the case of local accounts, the user's session will be ended properly.
To sign out the user, redirect the user to the end_session endpoint that is listed in the OpenID Connect metadata document(example) :
GET https://{tenant}.b2clogin.com/{tenant}.onmicrosoft.com/{policy}/oauth2/v2.0/logout?post_logout_redirect_uri=https%3A%2F%2Fjwt.ms%2F
Reference: Azure Active Directory B2C: Web sign-in with OpenID Connect
Upvotes: 2
Related Questions
- Azure AD B2C: The redirect URI in the request, does not match the ones authorized for the OAuth client
- Azure B2C Log out has trouble signing me IN(!)
- Blazor app Reload after B2C authentication
- Blazor WASM Standalone: 404 error on Logout using AD B2C and MSAL
- How to call "SignOut" in Blazor Server with AzureAD and Microsoft.Identity.Web?
- Azure AD B2c signout issue
- Azure AD B2C logout after session timeout
- Blazor server with AzureB2c always redirect to AzureADB2C/Account/Error when trying to signin
- B2C Logout not calling a SAML IdP
- Issue with logout on Azure AD B2C and ASP.NET Core