OIDC Web app - error 400 on login out


After a successful login, I can get userinfo with the token in an authorization header.
userinfo endpoint : https://dev-69856395.okta.com/oauth2/default/v1/userinfo

But I can’t logout, I have a 400 Bad Request without any information about the error.

I’ve also tried with a post_logout_redirect_uri parameter and a state parameter, without success.

Any idea ?

Hi, can you check that the ID token that you pass in the id_token_hint is not invalid.

Because according to docs OpenID Connect & OAuth 2.0 API | Okta Developer, If the ID token passed via id_token_hint is invalid, the browser is redirected to an error page.

Also I see that you are using the same {token} variable between both the introspect and the logout call. The introspect endpoint needs a Access Token, while the logout endpoint works with ID Token

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.