Reputation: 57
oidc/logout with id_token_hint is not working
I am sending https://localhost:9443/oidc/logout?id_token_hint=my_id_token and getting the page with the message Identity Server You have successfully logged out. But when I go back to the login page,it is returning authorization code instead of asking login/password.
Upvotes: 0
Views: 1760
Answers (1)
Reputation: 1269
According to the browser traces shared in the comments, it seems you are sending the logout request to an incorrect hostname+port (aisoip-devis.xxxxx.kz:9443). Due to that reason, the commonauthId cookie on the browser against the original hostname (aisoip-dev2.xxxxx.kz) is not cleared. Also, that cookie is not passed to WSO2 IS along with the logout request due to the hostname difference and WSO2 IS is unable to terminate the session on its side as well.
https://aisoip-devis.xxxxx.kz:9443/oidc/logout
https://aisoip-dev2.xxxxx.kz/oauth2/authorize
To correct this issue, you will have to send the logout request to the same hostname+port pair where you are sending the authentication request.
https://aisoip-dev2.xxxxx.kz/oidc/logout
Upvotes: 1
Related Questions
- How To properly OIDC Logout in WSO2 IS
- WSO2 Identity Server 5.7.0 Oauth/OpenId Connect Logout has Error about session state?
- Forced logout after password reset WSO2 IS
- WSO2IS-5.7.0 OIDC SSO logout without id_token_hint
- Identity Server does not validate SAML LogoutRequest Signature
- WSO2 IS - OAuth2/OIDC Giving the same token
- WSO2 IS Single Logout partially working
- WSO2 IS - Invalid tenant domain when providing id_token_hint to logout endpoint
- WSO2 Identity Server 5.0 - Can't perform single logout
- wso2 is single logout partially working contd