Okta Developer Community

Flask OIDC SLO returns 400

Questions OAuth/OIDC

helpneeded October 19, 2024, 7:18pm 1

Hey everyone,
Im trying to configure SLO in my flask OIDC app so that whenever a user logs out in my app, Okta gets logged out too

@app.route("/logout1")
@oidc.require_login
def logout():
    #oidc.logout()
    logout_request = f"https://dev-XXXXXX.okta.com/oauth2/v1/logout?id_token_hint={oidc.get_access_token()}"
    print(logout_request)
    return redirect(logout_request)

I also tried
https://dev-XXXXXX.okta.com/oauth2/default/v1/logout?id_token_hint={oidc.get_access_token()}"

but I get 400 bad request any idea why?
Thx!

andrea October 21, 2024, 5:34pm 2

make sure the request path matches the authorization server that issued the token.
- if the token was issued by the Org Authorization server, the endpoint will be https://oktaDomain/oauth2/v1/logout
- if the token was issued by the Default Custom Authorization Server, the endpoint will be https://oktaDomain/oauth2/default/v1/logout
- if the token was issued by a different Custom Authorization Server, the endpoint will be https://oktaDomain/oauth2/{authorizationServerId}/v1/logout
send the ID Token as the id_token_hint value, NOT the Access Token

Post		Replies	Views	Activity
Really need someone to walk me through this Questions	3	3529	September 15, 2020
Session Logout with Python and Flask - no valid token Questions	3	5653	May 27, 2019
Python Flask - How to get the id_token_hint to logout user Questions	2	4667	May 14, 2020
Find the ID token of the current user Questions	5	4728	September 15, 2020
Error 400, bad request on logout OAuth/OIDC	5	893	May 8, 2024