"Invalid value for 'client_id' parameter." On logout

BirdThunderford · March 30, 2021, 9:49pm

Hello!

I’m using Django with mozilla-django-oidc to handle my openid connect authentication. This module allows me to specify a custom logout mechanism and I’m running into an issue where it throws a 400 Bad Request error when I try to use the custom logout url.

The URL looks like:

https://<my okta org>/oauth2/default/v1/logout?id_token_hint=<my csrf token>&post_logout_redirect_uri=<my post logout url>

Only this causes the 400 Bad Request error and throws up this error data:

|errorCode|invalid_client|
|---|---|
|errorSummary|Invalid value for 'client_id' parameter.|
|errorLink|invalid_client|
|errorId|oaeSst18EBASayc_PcZ4ibbBQ|
|errorCauses|[]|

What does the client id have to do with the logout URL? It’s not something that changes during the session at all (and I wouldn’t even be able to log in if the client id were incorrect anyway).

Any thoughts?

andrea · March 30, 2021, 11:35pm

Are you sending the raw jwt ID Token as the id_token_hint in your /logout redirect?

That error usually crops up if the id token, which is the auth for this request, is missing or malformed.

BirdThunderford · March 30, 2021, 11:49pm

Turns out I was not! I realized it just as I got your response. I was passing it the csrf token by accident. whoops.

Thanks!

system · March 31, 2021, 11:50pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Error invalid_client when hitting logout url OAuth/OIDC	2	2235	January 3, 2024
Description: Invalid value for 'client_id' parameter Questions	6	13072	January 26, 2024
Okta raw logout Questions	4	4525	December 11, 2020
Getting invalid client on /logout endpoint Questions	10	3989	September 16, 2021
Error 400, bad request on logout OAuth/OIDC	5	900	May 8, 2024

"Invalid value for 'client_id' parameter." On logout

Related topics