Okta logging out

VuLe · May 1, 2024, 2:17am

I’m trying to implement logging out for Okta in a NodeJs app, where if the user sign out, the app logs out of the Okta session, and subsequent sign in requires going through Okta SSO again. I see this route:
GET https://${baseUrl}/logout?id_token_hint=${id_token}

I don’t know what the {id_token} is and how to get it.

My current implementation is:

let id_token
passport.use('oidc', new Strategy({
  issuer: `https://${OKTA_DOMAIN}/oauth2/default`,
  authorizationURL: `https://${OKTA_DOMAIN}/oauth2/default/v1/authorize`,
  tokenURL: `https://${OKTA_DOMAIN}/oauth2/default/v1/token`,
  userInfoURL: `https://${OKTA_DOMAIN}/oauth2/default/v1/userinfo`,
  clientID: `${CLIENT_ID}`,
  clientSecret: `${CLIENT_SECRET}`,
  callbackURL: `http://localhost:${PORT}/authorization-code/callback`,
  scope: 'openid profile'
}, (issuer, profile, context, idToken, accessToken, refreshToken, params, done) => {
  console.log(`OIDC response: ${JSON.stringify({
    issuer, profile, context, idToken,
    accessToken, refreshToken, params
  }, null, 2)}\n*****`);
  id_token = idToken;
  return done(null, profile);
}));

However, the token returned is invalid, and I got a 400 error instead.

Any help is appreciated

nicole · May 15, 2024, 7:39pm

Here’s some information about ID Tokens

Are you using one of our sdks? Do you get an idToken in the response that you’re logging?

system · June 16, 2024, 9:52am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Post		Replies	Views
Logging out of an Okta authenticated flask app Questions	5	8204	March 1, 2021
[OIDC] Logout without having the original Id Token? OAuth/OIDC	5	7210	April 21, 2020
Really need someone to walk me through this Questions	3	3531	September 15, 2020
Can't logout from Okta App (Express, passport-oidc) OAuth/OIDC	3	4764	August 17, 2020
oktaAuth.signOut & id_token_hint Questions	4	5592	September 20, 2021

Okta logging out

Related topics