Can't logout, error 400 Bad Request

SamDev · October 14, 2024, 6:56am

Hi,

I have integrated Okta login but when I try to logout I have an error 400 Bad request. (I use PHP)

I have tried to change the authorizationServerId to “default” in the URL from :
‘https://dev-XXX.okta.com/oauth2/v1/logout?id_token_hint=’.$_SESSION[“access_token”]
to :
‘https://dev-XXX.okta.com/oauth2/default/v1/logout?id_token_hint=’.$_SESSION[“access_token”]

I have tried with a redirection to a specific url with the parameter “post_logout_redirect_uri” (the url of redirection being correctly registered in the application), but I still have the same error.
I have tried to add the parameter “state”, with the state recorded during the login, but no more success.

Do you have any ideas ?

Thank you.

andrea · October 14, 2024, 8:23pm

Your code snippets there make it look like you may be providing an Access Token to the /logout endpoint, but you need to make sure that the value for the id_token_hint is an ID Token.

Do you still see an error if you send an ID token to this endpoint instead?

system · October 31, 2024, 2:07pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Error 400, bad request on logout OAuth/OIDC	5	893	May 8, 2024
OIDC Web app - error 400 on login out OAuth/OIDC	2	1185	March 17, 2024
Unable to logout from Okta OpenID and Invalid token error Questions	3	4116	January 24, 2024
MVC Core 2.0 Demo: Logout causes 400 error OAuth/OIDC dotnet	3	5123	July 12, 2018
Help with /logout Questions	7	6310	January 31, 2020

Can't logout, error 400 Bad Request

Related Topics