Okta logging out

I’m trying to implement logging out for Okta in a Node.js app, where if the user signs out, the app logs out of the Okta session, and a subsequent sign-in requires going through Okta SSO again. I see this route:
GET https://${baseUrl}/logout?id_token_hint=${id_token}

I don’t know what the {id_token} is and how to get it.

My current implementation is:

let id_token
passport.use('oidc', new Strategy({
  issuer: `https://${OKTA_DOMAIN}/oauth2/default`,
  authorizationURL: `https://${OKTA_DOMAIN}/oauth2/default/v1/authorize`,
  tokenURL: `https://${OKTA_DOMAIN}/oauth2/default/v1/token`,
  userInfoURL: `https://${OKTA_DOMAIN}/oauth2/default/v1/userinfo`,
  clientID: `${CLIENT_ID}`,
  clientSecret: `${CLIENT_SECRET}`,
  callbackURL: `http://localhost:${PORT}/authorization-code/callback`,
  scope: 'openid profile'
}, (issuer, profile, context, idToken, accessToken, refreshToken, params, done) => {
  console.log(`OIDC response: ${JSON.stringify({
    issuer, profile, context, idToken,
    accessToken, refreshToken, params
  }, null, 2)}\n*****`);
  id_token = idToken;
  return done(null, profile);
}));

However, the token returned is invalid, and I got a 400 error instead.

Any help is appreciated.

Here’s some information about ID Tokens

Are you using one of our sdks? Do you get an idToken in the response that you’re logging?
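One way to check the value before sending it as `id_token_hint`, shown as an added example that is not part of the original posts or of any Okta SDK: it confirms the value is the raw compact JWT string issued by the expected authorization server and builds the logout URL with proper encoding. The helper names, the sample issuer and the sample token are constructed for illustration; the `/v1/logout` path and `post_logout_redirect_uri` parameter are Okta's OIDC logout endpoint for the issuer shown in the question.

```javascript
// Added example; decodeIdTokenClaims and buildLogoutUrl are hypothetical helper names.

// Decode the claims of a compact JWT WITHOUT verifying its signature.
// This is only a sanity check before redirecting; Okta validates the hint itself.
function decodeIdTokenClaims(idToken) {
  if (typeof idToken !== 'string') {
    throw new TypeError('id_token_hint must be the raw JWT string, not a decoded object');
  }
  const parts = idToken.split('.');
  if (parts.length !== 3 || parts.some((p) => !/^[A-Za-z0-9_-]+$/.test(p))) {
    throw new Error('value is not a compact JWT (header.payload.signature)');
  }
  return JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
}

// Build the logout URL for the authorization server that issued the token.
function buildLogoutUrl(issuer, idToken, postLogoutRedirectUri) {
  const claims = decodeIdTokenClaims(idToken);
  if (claims.iss !== issuer) {
    throw new Error(`token issuer ${claims.iss} does not match ${issuer}`);
  }
  const url = new URL(`${issuer}/v1/logout`);
  url.searchParams.set('id_token_hint', idToken); // URL-encodes the value
  if (postLogoutRedirectUri) {
    url.searchParams.set('post_logout_redirect_uri', postLogoutRedirectUri);
  }
  return url.toString();
}

// Constructed sample values (placeholder signature), for illustration only.
const encodeSegment = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const SAMPLE_ISSUER = 'https://example.okta.com/oauth2/default';
const SAMPLE_ID_TOKEN = [
  encodeSegment({ alg: 'RS256', kid: 'constructed' }),
  encodeSegment({ iss: SAMPLE_ISSUER, sub: '00u-constructed', aud: 'constructed-client' }),
  'c2lnbmF0dXJl',
].join('.');
const SAMPLE_LOGOUT_URL = buildLogoutUrl(SAMPLE_ISSUER, SAMPLE_ID_TOKEN, 'http://localhost:3000/');
```

In a multi-user app the ID token belongs in per-user state such as the server-side session, since a module-level variable is shared by every request. Logging the token or the resulting URL should be avoided because both carry the user's identity claims.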
