Auth Flow w/PKCE oktaAuth.signOut()

Greetings, we have a React front-end app in which we’re using Auth Flow w/PKCE. Our login/logout seems to work fine except for one caveat, which I’m not sure is an issue. When oktaAuth.signOut(); is called from the React app, I can see 3 separate log messages in the Okta System Log. I’ve included them below. The first message is the very bottom one. So it looks like there is a revocation request first on the Refresh token, which is successful. But then there’s a revocation request on the original token which says FAILURE: invalid_token, which is what concerns me. The last message, User logout from Okta SUCCESS, looks good. My question is, should I be concerned about the FAILURE message? This is a brand new app so I’m just trying to make sure we’re doing this logout (signout) correctly.

Jun 12 11:57:19
XXXX (User)
User logout from Okta
SUCCESS

Jun 12 11:57:19
Compass DEV (PublicClientApp)
OAuth2 token revocation request
FAILURE: invalid_token
Compass Auth Server (AuthorizationServer)

Jun 12 11:57:18
Compass DEV (PublicClientApp)
OAuth2 token revocation request
SUCCESS
Refresh Token (refresh_token)

You should be able to inspect the Network trace to see what exactly those calls are and which token sent to Okta is considered invalid. Maybe it’s an expired access_token?

1 Like
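
One way to carry out the check suggested in the reply, as an added example that is not part of the original thread or of Okta's code: it reads a HAR export of the browser's Network trace, picks out the revocation calls, and reports for each one the token type hint and whether a JWT-format token was already past its `exp` when it was sent. The `/v1/revoke` path suffix, the form-encoded request body, and all sample hosts, tokens, times and statuses are assumptions constructed for illustration.

```javascript
// Added example: summarize token revocation calls found in a HAR export.
// Assumptions: revoke requests are form-encoded POSTs to a path ending in
// /v1/revoke; JWT-format tokens carry an exp claim; other tokens are opaque.
function decodeJwtPayload(token) {
  const parts = token.split('.');
  if (parts.length !== 3) return null; // not JWT-shaped
  try {
    return JSON.parse(Buffer.from(parts[1], 'base64').toString('utf8'));
  } catch {
    return null;
  }
}

function summarizeRevocations(har) {
  return har.log.entries
    .filter((e) => e.request.method === 'POST' &&
      new URL(e.request.url).pathname.endsWith('/v1/revoke'))
    .map((e) => {
      const form = new URLSearchParams(e.request.postData?.text ?? '');
      const claims = decodeJwtPayload(form.get('token') ?? '');
      const sentAt = Math.floor(Date.parse(e.startedDateTime) / 1000);
      const exp = claims && typeof claims.exp === 'number' ? claims.exp : null;
      return { // the token value itself is deliberately left out of the summary
        sentAt: e.startedDateTime,
        hint: form.get('token_type_hint'),
        status: e.response.status,
        format: claims ? 'jwt' : 'opaque',
        expiredWhenSent: exp === null ? null : exp <= sentAt, // null: no readable exp
      };
    });
}

// Constructed sample data (hosts, tokens, times and statuses are made up).
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const sampleAccessToken = [b64url({ alg: 'none' }), b64url({ exp: 1718189839 }), 'sig'].join('.');
const revokeUrl = 'https://example.invalid/oauth2/EXAMPLE_AS/v1/revoke';
const sampleHar = { log: { entries: [
  { startedDateTime: '2024-06-12T11:57:18.000Z', response: { status: 200 },
    request: { method: 'POST', url: revokeUrl,
      postData: { text: 'token_type_hint=refresh_token&token=opaque-refresh-value' } } },
  { startedDateTime: '2024-06-12T11:57:19.000Z', response: { status: 200 },
    request: { method: 'POST', url: revokeUrl,
      postData: { text: `token_type_hint=access_token&token=${sampleAccessToken}` } } },
] } };

console.table(summarizeRevocations(sampleHar));
```

A HAR file exported from a real session contains live tokens and cookies, so handle it as a secret and delete it once the check is done.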