Hi, I followed the “Okta-Hosted Login” example on GitHub (https://github.com/okta/samples-aspnet/tree/master/okta-hosted-login) to setup my project.
When a user tries to access my application, they are redirected to Okta for login, and after authentication, they are redirected back to my application as expected. If they logout of my application, we call the SignOut() method and they are signed out of our application and signed out of Okta.
The problem is when a user opens the Okta dashboard in a new tab, and clicks Logout from the Okta dashboard. They are then sent back to the Okta login screen, however, they are still able to access the application without needing to sign back in.
What’s the best practice to handle a logout action from the Okta dashboard when the user already has a valid cookie for the ASP.NET MVC application?