We recently updated from Classic engine to Identity Engine which changed the SSO cookie from “sid” to “idx”. But we noticed the logout URL
https://<custom-domain>/login/signout
deletes the “sid” cookie but does not delete the “idx” cookie. This leave the user with a dangling “idx” cookie,
Is this a bug?
Are you trying to log users out from an OpenID Connect application? If so, you can using the /v1/logout endpoint to end the user’s Okta session, and that should clean up that idx cookie.
Thenks, the problem is sometimes they will return or share a device with someone else, and the old idx token is still there but we no longer have the id-token to log them out.
Do you know if there Is there any logout URL that will remove the idx cookies and session without having to specify the id-token?
The only endpoint I’m aware of that would support this is a bit more nuclear, and allows you to end all sessions for a user.
Note that you will need a valid API Token/bearer token issued to an Admin user to make this request.
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.