400 upon logout, redirect URI looks fine, no other clues

tomsmith · August 17, 2023, 12:38pm

I am doing local testing of an Okta integration, with my server running on localhost:9000. I am testing in an Incognito window. Sign-in works fine, however sign-out is resulting in a 400 error. The URL is:

https://trial-7277201.okta.com/oauth2/default/v1/logout?state=ec78371769&post_logout_redirect_uri=http%3A%2F%2Flocalhost%3A9000%2F&client_id=0oa6y9l8ru44EpUXD697

The Okta application has two configured sign-out redirect URIs:

The parameter in the /logout URL decodes to the second redirect URI above. The HTTP response is:

okta-400

I don’t see this sign-out attempt in the Okta logs, so I’m not sure how to proceed. Suggestions?

Thanks in advance.

tomsmith · August 17, 2023, 6:45pm

Just adding that logout worked okay yesterday, and I don’t think anything changed on my end, though I can’t be 100% sure.

andrea · August 18, 2023, 4:24pm

Unless you omitted it in your post, I don’t see an id_token_hint in your /logout request. Our docs do mention some reasons you can encounter errors with /logout and I would focus on id_token_hint to start with.

tomsmith · August 21, 2023, 12:18pm

That looks promising. Thanks for the reference.

Post		Replies	Views
400 Bad Request when trying to logout by redirecting OAuth/OIDC	3	3521	February 15, 2024
Https://********.okta.com/oauth2/default/v1/logout throws 400 error OAuth/OIDC	7	2059	February 15, 2024
Sign-out Redirect URI seemingly ignored Questions	6	5785	June 10, 2021
Can't logout, error 400 Bad Request OAuth/OIDC logout	2	70	October 14, 2024
Signout function not redirecting and flagging an error OAuth/OIDC angular	2	2033	February 15, 2024

400 upon logout, redirect URI looks fine, no other clues

Related topics