If I click ‘Log out’ and then ‘Log in’ again, I am not asked for my username & password again and I’m logged straight in.
How can I ensure that the user is fully logged out and will be required to enter username/password when they log in the second time?
Also, when clicking ‘Register’ it won’t refer me to the registration page.
I am using Flask, Python.
Thanks!
How is your Log Out button logging the user out? Is it designed to end the user’s Okta session, or is this an OIDC app that’s simply clearing an application session?
Most likely you will want to configure the logout button to do both. You can end the user’s Okta session (so they are prompted to re-authenticate) using either a CORS request to the Sessions endpoint or, if this is an OIDC app, redirecting to the OIDC logout endpoint.