OIDC Web Application - Okta Logout Issue

sami · September 11, 2018, 5:33pm

We have OpenID Connect Web applications and we have implemented logout based on below Okta’s documentation. To logout you have to pass ID token value as id_token_hint parameter

Okta-logout_small

It works fine if id_token is not expired (within an hour). After successful logout (removing Okta browser session) it redirects user to post_logout_redirect_uri.
However, after an hour of active user session if you try to logout then you get below error from Okta

Error code: invalid token
Description: The token has expired
OktaLogout_error_small

With this current Okta’s RP-initiated logout implementation, how can any user who is using an application for more then 1 hour can successfully logout with Okta?

tom · September 12, 2018, 3:21pm

Hey @sami, I was talking to the PM this morning about this issue, this is logged and is more than likely going to be worked on in the next couple of sprints. I would send a note to developers@okta.com to get the timeline for the fix.

sami · September 12, 2018, 9:35pm

Thanks @tom, for the quick response.
This is very helpful.

thomas · September 26, 2018, 8:29pm

@tom Is there any update on when this is expected to be resolved?

sami · October 29, 2018, 6:01pm

@thomas this issue is fixed now and logout works fine with expired id_token
Can you try with your OIDC application?

system · January 12, 2024, 11:55pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.