Logout.. case sensitive!

This was driving me crazy.

We are using Okta for our customer facing applications and not employees (yet). Customer login to each app on their own and do not have a ‘tiles’ landing page. Single-Sign-On kicks in as they go from application to application.

In case you want to logout of Okta (all of Okta, not necessarily each app), and send the user back to the original application where they clicked logout, I suggest this pattern:
https://{oktaOrgUrl}/login/signout?fromURI={redirected logout url}

A couple of notes here.

  1. fromURI IS CASE SENSITIVE. I tried several combinations and they would all send the user back to the configured default app for sign-in widget and not the {redirected logout url}.

2.If using OpenId, I believe you need to ensure the {redirected logout url} in configured for Logout redirect URIs

  1. Lastly, make sure the domain of that redirect url in configured as a trusted origin (under Security > API link)


1 Like