OpenID Okta Logout

I am integrating Okta in one of my Laravel application. I am facing some issues with the logout functionality.

I have followed the methods mentioned in the documentation,

https://developer.okta.com/docs/reference/api/oidc/#logout
https://developer.okta.com/docs/reference/api/sessions/#close-current-session

Both the way of implementing is throwing error.
When I am trying with the logout API, it is throwing an error,
404 Not Found` response

When I go with the method ‘close current session’, it shows an error,
‘{“errorCode”:“E0000007”,“errorSummary”:“Not found: Resource not found: me (Session)”,“errorLink”:“E0000007”,“errorId”:“oaeccClXJwQQ-6pB4oVjHAdGA”,“errorCauses”:[]}’

Should I consider anything more mentioned in the documentation?
Please help me to fix this.
Thanks in advance.

Hi @adarshknstek

/api/v1/sessions/me is used by the client-side channel to read details about the user that is logged in and also close his/hers session. From the server side channel, the application does not have access to this endpoint and, as such, the best solution would be to generate a JavaScript code to send the DELETE request to the endpoint to close the user’s session in Okta.

Hi,

Thank you for the response.

Can you please share a sample code or link to the documentation.

Regards,

Adarsh Sukumaran

Hi,

I have tried another approach provided in the documentation,

https://developer.okta.com/docs/reference/api/oidc/#logout

https://{baseUrl}/logout?id_token_hint=${id_token}

It throws a ‘Client error:’, ‘404 Not Found’.

In the URL, the ’
id_token_hint’ is the ‘id_token’ returned from Okta after login.

We are using ‘Socialite’ for singe sign-on and ‘GuzzleClient’ for the CURL requests as it is a Laravel application.

Thanks

Adarsh

Hey, did you get any further with this? I’ve run into the same thing!

Hi!

It could be a few things. Perhaps the ID token has expired before @adarshknstek tested the logout call? You might also see this error if the ID token is invalid.

@jlcain3 what error are you seeing?

Hey,

I have fixed the error - I was saving the wrong token to the user when I originally logged the user in so when I returned that token to logout it was invalid! Hope this helps someone else.

1 Like