CORS error while calling OKTA logout API

I am using native Application for OKTA authentication. While I am trying to logout using api, getting below CORS error-

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://dev-213533.okta.com/oauth2/default/v1/logout?id_token_hint=token&post_logout_redirect_uri=http://admin.xxxxxxx.com/servlet/OKTALogout. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

I am using below url for logout-
https://dev-213533.okta.com/oauth2/default/v1/logout?id_token_hint=token&post_logout_redirect_uri=http://admin.xxxxxxx.com/servlet/OKTALogout

I have already set all domain to trusted origin.

okta_trusted_origin.png1247×460 12.9 KB

please let me know if you have any solution.

Hi @hemantk

The /logout endpoint of the authorization server can not be accessed through ajax request. You can redirect the user through the window browser to this endpoint and Okta will redirect him back to the URL specified under post_logout_redirect_uri.

Hi @dragos
I’m trying to hit the oauth2/v1/logout api and passing in the token from a backend handler after being redirected to there from my frontend
i’ve listed my base URL in trusted origins for CORS and redirect as well as in the logout URL under my application settings but I’m still facing this issue
any ideas?

is the logout endpoint CORS enabled?

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.