This question is related to the okta-auth-js sdk.
I am seeing an error when calling authClient.signOut(). The error is an OAuth2 token revocation request invalid_token error.
I followed the tutorial at Sign users in to your SPA using redirect and Auth JS | Okta Developer and while signing in and retrieving a token worked fine, I was unable to successfully sign users out.
After a fair amount of testing it looks like the authClient has to be run as a service in order to support signOut. This isn’t documented in the tutorial linked above or in the documentation for the sdk, which only says you need the service for token refresh, etc.
Adding authClient.start() fixed the logout issue I was seeing.
Am I right in thinking that when adding the authClient to a javascript app you pretty much have to run it as a service to get the logout functionality working? I.e is there any case in which a user might not want to run it as a service?
Thank you!