Signing user out of Okta after authenticating the user for the application


We’re using the OAuth 2.0 endpoints and redirecting the user to Okta to login via IDP. The flow works well for us. However, if the user visits the domain for the SSO, they would remain signed in to the Okta application. Is there a way to prevent the user from being logged on to the Okta application without redirecting the user to /v1/logout after getting the authorisation token?

Thank you!


  • You could use close current session but this will require 3rd party cookies to be enabled.
  • You could also create a sign-on policy/rule for these users so their Okta session would expire after 1 minute.
  • You could also not allow these users to access the Okta Dashboard application. To do this create a sign-on policy rule in the dashboard application which would not allow access to a group and add all these users to that group.

Hi Erik,

Indeed, our problem was that users could see the dashboard. We’ve changed the access of it from everyone to a specific group. Thanks for the assistance!

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.