Find the ID token of the current user

Hey all,

I have a Flask app and I want to implement a logout functionality that will end the session and log out the current oidc.

Currently, my endpoint look like this:

def logout():
    oidc.logout()
    return redirect(url_for('index'))

I understand that in order to log out from the session I need to add a GET request to this endpoint:

https://{baseUrl}/logout?id_token_hint=${id_token}

So I have 2 questions:

  1. What is the base URL?
  2. How I can retrieve the current ID token to pass to the endpoint?

Thanks!

Base URL is your authorization server URL (https://developer.okta.com/docs/reference/api/oidc/#logout). You can get your id_token with many different ways depending on your OIDC flow and stage you are currently in this process. Check /token endpoint, it may give you an idea where to dig next (https://developer.okta.com/docs/reference/api/oidc/#token)

1 Like

Thanks.
I’m not sure what I am missing but I still can’t understand what is the baseUrl of my app or where to find it nor how to add a session logout functionality to my code.

If you do OIDC flow and do login into your application, then you use that baseUrl there, don’t you? It’s your authorization server URL.

@AcroPanco I posted this on another thread of yours where you asked something similar, but will drop it here as well so anyone else who finds this post can see it.

Another forum thread also discussed how to log users out of Okta when using Flask-OIDC and I provided details about what I found in Flask’s documentation and how Okta’s /logout endpoint works there, so I definitely recommend taking a look and see if it clears things up a little: Signing out and Logging in again does not ask for email and password