Localhost - works at Angular V9 but fails at Angular V14
http://localhost:4200/logged-out
Dev - works at Angular V9 but fails at Angular V14
https://blablabla.cloudfront.net/logged-out/
and for login it stuck with - works at Angular V9 but fails at Angular V14
https://blablabla.cloudfront.net/callback?code=someRandomToken
And this logout url is listed at server.
Putting default gives security issue, which opens a path for unauthorised person to login.
So I put issuer id at the place of default.
Thank you for that info. Are you using the same version of Okta libraries when changing Angular versions?
Let’s try a double-check. I created a branch to update the Okta Angular quickstart to v14. Can you try cloning it and updating the config with your configuration values and see if you can sign in and sign out? I just tried it locally, and I don’t see any errors. Let’s see if we can isolate the issue.
And for local during sign out it has some cors error:
Access to fetch at ‘https://blablabla.okta.com/oauth2/jsdjdsbdjbjdbbjdksd/v1/revoke’ from origin ‘http://localhost:4200’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled.
The local sign-out CORS error is because http://localhost:4200/logged-out hasn’t been added as a trusted origin in your Okta application. Please see this documentation.
Ok, I re-read your post, and I see I conflated your callback redirect URL and sign-out redirect URL. According to the documentation, if you use postLogoutRedirectUri property when calling signOut, the URL needs to be added to your Okta org’s configuration. If I try this property in the quickstart without adding the URL configuration, I see a 400 bad request error. What error do you see?