Be logged out on IDP side #4989
Labels
backlog candidate
Pull requests/issues that are candidates to be backlog items
proposal
An issue that proposes a feature request
Is your feature request related to a problem? Please describe.
With the current oidc configuration, if you go on https://domain.org/logout, it only clears the cookies from Nginx perspective, not from IDP.
As describe in Auth0 documentation, you need to redirect the user on IDP's logout endpoint.
Describe the solution you'd like
The solution is to redirect the user on IDP's logout endpoint with the correct arguments.
On the IDP side, you can specify the Nginx logout endpoint /_logout and then Nginx will redirect to a final page https://domain.org/login.
Nginx teams already done that in a previous project. Not implemented on this one.
https://github.com/nginx-openid-connect/nginx-oidc-auth0/blob/main/oidc.js#L178
https://github.com/nginx-openid-connect/nginx-oidc-auth0/blob/main/oidc_nginx_server.conf#L132
The text was updated successfully, but these errors were encountered: