Pasting in logout from URL into the browser returns a 400 Bad Request

Hello!

I’ve started testing with multiple users and so far the only way I can successfully log out of OKTA is to restart my PC. When I was working with Entra ID, I was able to paste the logout URL into the browser, then restart the browser.

However, when I paste the logout URL for my OKTA app into the browser, it returns a 400 Bad Request.

This is the URL I’m using to try to logout:

https://dev-60265957.okta.com/oauth2/v1/logout

I’m getting the logout URL from the the well-known configuration for my application:

https://dev-60265957.okta.com/.well-known/openid-configuration

I remember having an issue with using one of the URLs from the app’s well-know configuration before. As I recall, it should have been instead taken from the default server.

Is this another situation where it should be using the default server URL instead of the app specific one? If so, where to find the default well-know configuration page?

Thanks!

For the OIDC Logout endpoint, you must include an id_token_hint parameter in order for logout to occur. You are most likely encountering a 400 error because you are not including this required parameter in your request. More info about this endpoint can be found in our docs.

So if when logging out of an OpenID Connect application, your application could redirect you to the /logout endpoint and include the ID Token it was issued for the user as the id_token_hint, which will close the Okta session.

1 Like