How works logout

Questions
1

Hi Friends,

This is my first SSO implementation, using okta documentation we were able to do logout, however if the user tryies to login again, our program don’t request okta credentials again, our program show immediatelly the first page of the system. My question is: If when the user logout, okta system replied with an “OK”, in the logout, why this behaviour? Is working logout? What can we expect when logout an user?

Thank for in advance for any answer

2

Hi there! How exactly are you logging out? Are you using any SDK in particular?

3

Hi tyf,

I am not using any sdk, I send directly the get to my endpoint, the endpoint response is “ok”, but the user session stills alive.

Best regards

4

Thanks for clarifying - Please check out the following post regarding logging a user out/clearing sessions:

5

Hi tyty,

Thanks for you answer. I have been trying to follow your advise, however until now, I was unable to delete user session, please help me with these queations:

  1. How can we get the userID, we can see this value when we validate token, but cannot get it.
  2. In some documentation parts, We saw that we need to send a header “Autorization: SSWS api_token”, how can we get the api_token?

Thanks in advance

6

No problem! Happy to help :grinning:

  1. You can get the user id from the current session: Sessions | Okta Developer
  2. You can create an API token in your Okta Org: Overview | Okta Developer
7

Hi tyty,

Thanks for your help, let me tell that we were able to do the logout and we was able to revoke the user sesión, now if the user tries to login to the system, the system request to capture user/passsword, the problem is that using valid credential okta replies: “Your login was unsuccessful. PLease try again” Do you know what is the reason for this behaviour? Why okta does not accept valid credentials? If the user close the browser everything works fine.

Thanks in advance