oktaAuth.signOut & id_token_hint

subs · September 20, 2021, 2:28pm

Hello,

I am using, @okta/okta-react, and trying to sign somebody out of the react application and Okta.

When I call the signOut() it redirects me to an error page, see below. If I then refresh the page, I get another error saying that the id_token_hint is undefined. Is the value of id_token_hint supposed to be the token?

How do I get around the error and make sure id_token_hint is not null?

const logout = async () => {
		/* await oktaAuth.revokeAccessToken(); */ 
		await oktaAuth.signOut({
			id_token_hint: token,
			idToken: token,
			postLogoutRedirectUri: `${process.env.REACT_APP_BASE_PATH}/`,
			client_id: `${process.env.REACT_APP_CLIENT_ID}`,
		});
	}

andrea · September 20, 2021, 3:09pm

Yes, the value for id_token_hint is the raw JWT string ID token. If you are using OWIN directly, I’ve seen something like this happen before, where the id token is not available during logout due to it having expired, so you may need to manually fetch the id_token and make your own request to the /logout endpoint.

subs · September 20, 2021, 3:17pm

Thanks for replying Andrea.

I am trying to logout using the /logout endpoint and it isn’t redirecting to the post_logout_redirect_uri it just takes me to the Okta Login page.

https://mycompany.okta.com/oauth2/v1/logout?id_token_hint=[token]&post_logout_redirect_uri=http://localhost:3000/

http://localhost:3000/ is listed under Sign-out Redirect URIs in Okta Admin.

subs · September 20, 2021, 8:01pm

Just to close the loop/thread. I got it working and this is what my logout function looks like now. The issues seemed to be that the oktaAuth.isAuthenticated was remaining true until I called closeSession()

	const logout = async () => {
		oktaAuth.tokenManager.remove(oktaAuth.getAccessToken());
		oktaAuth.closeSession()
			.then(() => {
				//window.location.reload(); // optional
			})
			.catch(e => {
				if (e.xhr && e.xhr.status === 429) {
					// Too many requests
				}
		})
		window.location.href = `${process.env.REACT_APP_ISSUER}oauth2/v1/logout?id_token_hint=${token}&post_logout_redirect_uri=${process.env.REACT_APP_BASE_PATH}`
	};

system · September 21, 2021, 8:02pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Okta logging out OAuth/OIDC	2	620	June 16, 2024
Help with /logout Questions	7	6315	January 31, 2020
Python Flask - How to get the id_token_hint to logout user Questions	2	4674	May 14, 2020
Okta raw logout Questions	4	4525	December 11, 2020
OIDC / Logout without id_token_hint Questions	2	4506	January 25, 2024

oktaAuth.signOut & id_token_hint

Related topics