jai1

Reputation: 55

How to call "SignOut" in Blazor Server with AzureAD and Microsoft.Identity.Web?

I have a Blazor Server app (.net5) that uses Microsoft.Identity.Web to sign users into AzureAD. This part of it all works as expected - load the app and it automatically gets the "Microsoft Signin" dialog. The AuthenticationStateTask also shows the user as "IsAuthenticated". My issue is trying to add a Sign Out button.

I have tried:

<a href="https://login.microsoftonline.com/common/oauth2/v2.0/logout">Log out</a>

and:

<a href="https://login.microsoftonline.com/{domainID}/oauth2/logout">Log Out</a>

Both take me to the Microsoft "hold on while we sign you out" page, the only difference being the first option asks "Which Account" to sign out from. Pressing "Back" in the browser or manually going to the site address again and I am automatically signed back in as the previous user. If I press "Log Out" and then manually go to:

/signout-oidc

I get a blank page (which I understand is correct) but then going back to the Web App, I am correctly asked to log in again - so my assumption is the callback is not being called automatically.

In my appsettings.json I have:

"CallbackPath": "/signin-oidc",
"SignedOutCallbackPath": "/signout-callback-oidc",
"RemoteSignOutPath": "/signout-oidc",

as well as the Domain and Tenant etc.

In the Azure Web Registration I have the /signout-oidc in the "Front-channel logout URL" field.

I must be missing something (or calling the wrong URL?) however after many hours of research, I can't work it out.

Any assistance on this would be greatly appreciated, thank you.

Upvotes: 5

Views: 10082

Answers (1)

Joy Wang

Reputation: 42043

You could use the Sign-out button like below. Selecting the Sign out button in the web app triggers the SignOut action on the AccountController controller.

<a class="nav-link text-dark" asp-area="MicrosoftIdentity" asp-controller="Account" asp-action="SignOut">Sign out</a>

For more details, refer to this doc - https://learn.microsoft.com/en-us/azure/active-directory/develop/scenario-web-app-sign-user-sign-in?tabs=aspnetcore#sign-out

Update:

In Blazor, you could open the LoginDisplay.razor and update the code like below.

<AuthorizeView>
    <Authorized>
        Hello, @context.User.Identity.Name!
        <a href="MicrosoftIdentity/Account/SignOut">Log out</a>
    </Authorized>
    <NotAuthorized>
        <a href="MicrosoftIdentity/Account/SignIn">Log in</a>
    </NotAuthorized>
</AuthorizeView>

Reference - https://developer.microsoft.com/en-us/microsoft-365/blogs/how-to-build-a-blazor-web-app-with-azure-active-directory-authentication-and-microsoft-graph/

Sample - https://github.com/jpda/msiddev-blazor-aad-graph

Upvotes: 7
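
The `MicrosoftIdentity/Account/SignOut` link in the answer only resolves when the Microsoft.Identity.Web.UI controllers are registered and mapped. The following Startup.cs is an added example, not code from the question, the answer or the linked sample; it assumes the Microsoft.Identity.Web.UI package is referenced and that the appsettings.json section holding the settings from the question is named "AzureAd".

```csharp
// Startup.cs for a .NET 5 Blazor Server app (added example).
using Microsoft.AspNetCore.Builder;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Identity.Web;
using Microsoft.Identity.Web.UI;

public class Startup
{
    public Startup(IConfiguration configuration) => Configuration = configuration;

    public IConfiguration Configuration { get; }

    public void ConfigureServices(IServiceCollection services)
    {
        // Binds the "AzureAd" section (assumed name): CallbackPath,
        // SignedOutCallbackPath, Domain, TenantId and so on.
        services.AddMicrosoftIdentityWebAppAuthentication(Configuration, "AzureAd");

        // Registers the MicrosoftIdentity area, which contains the
        // Account controller with its SignIn and SignOut actions.
        services.AddControllersWithViews().AddMicrosoftIdentityUI();

        // Challenge every request that has no authenticated user.
        services.AddAuthorization(options =>
            options.FallbackPolicy = options.DefaultPolicy);

        services.AddRazorPages();
        services.AddServerSideBlazor();
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseRouting();
        app.UseAuthentication();   // must come before UseAuthorization
        app.UseAuthorization();
        app.UseEndpoints(endpoints =>
        {
            // Without this, MicrosoftIdentity/Account/SignOut is never routed.
            endpoints.MapControllers();
            endpoints.MapBlazorHub();
            endpoints.MapFallbackToPage("/_Host");
        });
    }
}
```

The SignOut action signs the user out of both the local cookie scheme and the OpenID Connect scheme, so the application's own session cookie is cleared as well as the Azure AD session. A plain link to the Azure AD logout endpoint ends only the Azure AD session and leaves that cookie in place.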
