I need to be able to effectively sign an account out of our application on demand to test a problem we’re having in our Angular (v9) application that’s using Okta (okta-angular). I was trying to use the “Close Session” API call (https://developer.okta.com/docs/reference/api/sessions/#close-session) using “curl” which appears to work as it returns a “204” (it returns a 404 if the session isn’t found). However it does not result in the user being signed out of the application. If we reload the application in the web browser, it reloads without showing the sign on view as expected.
The main problem we’re trying to troubleshoot is that the user’s session appears to be expiring (either through timeout or some other means), then when they attempt an operation in the application that initiates a REST call to the back-end (protected by Okta) it throws an error from the HTTP interceptor saying they’re not authenticated. We’re using the basic bearer token pattern found in the getting started documentation.
If anyone can help with killing a session on demand so I can troubleshoot this issue, I’d appreciate it. If someone already knows a good solution for this problem in the HTTP interceptor, I’d be equally grateful.