oktaAuth.signOut & id_token_hint

Hello,

I am using @okta/okta-react and trying to sign somebody out of the React application and Okta.

When I call the signOut() it redirects me to an error page, see below. If I then refresh the page, I get another error saying that the id_token_hint is undefined. Is the value of id_token_hint supposed to be the token?

How do I get around the error and make sure id_token_hint is not null?

	const logout = async () => {
		/* await oktaAuth.revokeAccessToken(); */
		await oktaAuth.signOut({
			id_token_hint: token,
			idToken: token,
			postLogoutRedirectUri: `${process.env.REACT_APP_BASE_PATH}/`,
			client_id: `${process.env.REACT_APP_CLIENT_ID}`,
		});
	};

Yes, the value for id_token_hint is the raw JWT string ID token. If you are using OWIN directly, I’ve seen something like this happen before, where the id token is not available during logout due to it having expired, so you may need to manually fetch the id_token and make your own request to the /logout endpoint.

Thanks for replying Andrea.

I am trying to log out using the /logout endpoint and it isn’t redirecting to the post_logout_redirect_uri; it just takes me to the Okta Login page.

https://mycompany.okta.com/oauth2/v1/logout?id_token_hint=[token]&post_logout_redirect_uri=http://localhost:3000/

http://localhost:3000/ is listed under Sign-out Redirect URIs in Okta Admin.

Just to close the loop/thread: I got it working, and this is what my logout function looks like now. The issue seemed to be that oktaAuth.isAuthenticated was remaining true until I called closeSession().

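	const logout = async () => {
		// tokenManager.remove() takes the storage key, not the token string
		// ('accessToken' is the default key; adjust if your storage keys differ)
		oktaAuth.tokenManager.remove('accessToken');
		try {
			// Wait for the Okta session to close before navigating away,
			// otherwise the navigation can cancel the in-flight request
			await oktaAuth.closeSession();
		} catch (e) {
			if (e.xhr && e.xhr.status === 429) {
				// Too many requests
			}
		}
		// Encode both values so each arrives as a single, intact query parameter
		window.location.href = `${process.env.REACT_APP_ISSUER}oauth2/v1/logout?id_token_hint=${encodeURIComponent(token)}&post_logout_redirect_uri=${encodeURIComponent(process.env.REACT_APP_BASE_PATH)}`;
	};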
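
An added example, not part of the thread and not Okta SDK code: a pre-flight check for the two failure modes discussed above (an undefined id_token_hint and an expired ID token), followed by a /logout URL built with encoded parameters. The function names are hypothetical, the endpoint and redirect URI are the ones quoted in the thread, and the token is constructed.

```javascript
// Added example; inspectIdTokenHint and buildLogoutUrl are hypothetical names.

// Classify the value about to be sent as id_token_hint.
function inspectIdTokenHint(token, nowSeconds = Math.floor(Date.now() / 1000)) {
  // An undefined variable interpolated into a URL becomes the text "undefined".
  if (typeof token !== 'string' || token === '' || token === 'undefined') return 'missing';
  const parts = token.split('.');
  if (parts.length !== 3) return 'malformed'; // a raw JWT has header.payload.signature
  let claims;
  try {
    // JWT segments are base64url; atob() expects the standard alphabet.
    claims = JSON.parse(atob(parts[1].replace(/-/g, '+').replace(/_/g, '/')));
  } catch (e) {
    return 'malformed';
  }
  // The payload is read for diagnostics only; no signature is verified here.
  if (typeof claims.exp === 'number' && claims.exp <= nowSeconds) return 'expired';
  return 'ok';
}

// Build the logout URL, refusing to send a hint that cannot be an ID token.
function buildLogoutUrl(logoutEndpoint, idToken, postLogoutRedirectUri) {
  const status = inspectIdTokenHint(idToken);
  if (status === 'missing' || status === 'malformed') {
    throw new Error(`id_token_hint is ${status}; refusing to build logout URL`);
  }
  const url = new URL(logoutEndpoint);
  // searchParams.set() percent-encodes the redirect URI for us.
  url.searchParams.set('id_token_hint', idToken);
  url.searchParams.set('post_logout_redirect_uri', postLogoutRedirectUri);
  return url.toString();
}

// Constructed sample token (not a real credential; the signature part is filler).
const b64url = (obj) =>
  btoa(JSON.stringify(obj)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const sampleToken =
  `${b64url({ alg: 'RS256' })}.${b64url({ sub: 'constructed-user', exp: 4102444800 })}.c2ln`;
const sampleUrl = buildLogoutUrl(
  'https://mycompany.okta.com/oauth2/v1/logout', sampleToken, 'http://localhost:3000/');
console.log(sampleUrl);
```

An 'expired' result is reported rather than rejected, so the caller can decide whether to fetch a fresh ID token before redirecting.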
