While logging out from my web app this Api (https://*****.okta.com/oauth2/default/v1/logout) throws 400 error even though i listed the redirect sign-out uri in okta portal
Note: i am using MSAL for my web application to do login and logout actions.
this the logout code snippet i am using in my application
function handleLogout(instance: IPublicClientApplication) {
instance.setActiveAccount(instance.getAllAccounts()[0]);
instance.logoutRedirect({
postLogoutRedirectUri: “/logout” , idTokenHint: idToken,
}).catch((e) => {
console.error(e);
});
}
What’s the exact error you are seeing when /logout is invoked? Have you ensured that you are actually using the “Default” Custom Authorization Server to get tokens (e.g. calling https://OktaDomain.com/oauth2/default/v1/authorize)?
If you remove the post_logout_redirect_uri
from your /logout request, do you still get the same error?
1 Like
As Andrea mentioned, the exact error would help in narrowing down the issue, and it seems that you’re using the default authz server from the logout uri you mentioned, so you need to be using the same authz server to get tokens.
@andrea @Sherry I am getting from this Api when signing in
After initiating logout this Api get succeeded.
with idTokenHint but still the Okta Logout throws error
So i can sign in into my application without credential’s / application open with previous user credential
Note: I am Using Azure B2C Custom Policy
Hold up, you’re getting tokens from Microsoft, not Okta? Or are you getting tokens from both?
@andrea We are using B2C custom policy in which we are using multiple IDP based on customer’s. were OKTA is one, and by using MSAL, we authenticate in our React application. here i am getting the token from OKTA