I am using OKTA for OIDC Application. Login functionality of it is working fine.
But When i try to logout my OIDC application then i get an error in from OKTA side.
What’s the value of your {client} variable? Is it the authorization server id? Because that’s what it should be, e.g. https://org.okta.com/oauth2/aus1234567890/v1/logout
Is your application attempting to redirect to the /logout endpoint? Is it including the id token in the query parameters for this request (as the id_token_hint param)?
… I don’t understand the cause of this error. Why does it seem like the browser is attempting to download a file? Are you doing a browser redirect to the /logout endpoint?
We have several sample applications in various languages/frameworks, which you can find on Github: Okta, Inc · GitHub
All of these sample applications are OIDC applications that support login and logout
Do you know any configuration at server setup side, which stops the session logout operation?
Like i have tried with couple of ways, but with all we are not able to logout properly. It seems like there is some configuration which is retaining the session , even after logout.
And how does the session persistence look after this /logout redirect? If the user navigates to Okta in another tab, are they still logged into Okta? Are you removing the session information from your application as well (clearing cookies/tokens)?