Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

signoutRedirect of oidc-client-js against Auth0 returns no end session endpoint

Tags:

auth0

oidc-client-js

I've successfully used the oidc-client-js library by Brock Allen to authenticate my SPA app with Auth0 acting as my Identity Provider. However, when I try to use the library to sign the user out mgr.signoutRedirect({state: "my test"}), I receive an error: no end session endpoint.

enter image description here

A look at the metadata endpoint shows that there is a revocation endpoint.

I've configured the oidc-client-js library like so:

var settings = {
   authority: 'https://susqsofttest.auth0.com/.well-known/openid-configuration',
   client_id: 'my client id',
   redirect_uri: 'http://localhost:8080/signin-oidc',
   post_logout_redirect_uri: 'http://localhost:8080/logout',
   response_type: 'id_token token',
   scope: 'openid profile email',
   revokeAccessTokenOnSignout: true,
   automaticSilentRenew: true,
   filterProtocolClaims: true,
   loadUserInfo: true
};
var mgr = new UserManager(settings);

Any ideas of what I'm missing?

like image 207
RHarris Avatar asked Jun 13 '18 19:06

RHarris

1 Answers

You can give metadata for oidc client by adding metadata section to user manager settings.

var settings = {
authority: 'https://susqsofttest.auth0.com/.well-known/openid-configuration',
client_id: 'my client id',
redirect_uri: 'http://localhost:8080/signin-oidc',
post_logout_redirect_uri: 'http://localhost:8080/logout',
response_type: 'id_token token',
scope: 'openid profile email',
revokeAccessTokenOnSignout: true,
automaticSilentRenew: true,
filterProtocolClaims: true,
loadUserInfo: true,
metadata: {
  issuer: `https://sts.windows.net/${tenant}/`,
  authorization_endpoint: `https://login.microsoftonline.com/${tenant}/oauth2/authorize`,
  token_endpoint: `https://login.microsoftonline.com/${tenant}/oauth2/token`,
  jwks_uri: 'https://login.microsoftonline.com/common/discovery/keys',
  end_session_endpoint: `https://login.microsoftonline.com/${tenant}/oauth2/logout`
}
};

This example is when using AzureAD. end_session_endpoint can be also your SPA route address like ${window.location.origin}/logout but then azure ad session won't end.

You can also set metadataUrl instead of metadata. 'https://login.microsoftonline.com/YOUR_TENANT_NAME.onmicrosoft.com/.well-known/openid-configuration',

like image 61
Janne Harju Avatar answered Sep 20 '22 12:09

Janne Harju
Sign in to Comment

Related questions

NestJS Authentication with Auth0 via `passport-jwt`
Azure mobile apps custom authentication with Cordova
Django + Auth0 JWT authentication refusing to decode
How to avoid/fix "Auth0Lock is not defined" exception
Cookies with a SameSite policy enforced are blocked in iOS 12 for SSO flows involving cross-origin requests
Will the "Sub" claim in an Auth0 JWT always be unique?
React: How to mock Auth0 for testing with Jest
How to use vuejs routing with history fallback and expressjs routes
Auth0 authorizor rejects JWT token from service - "jwt issuer invalid. expected: https://myservice.auth0.com"
Using jwt-decode with typescript front-end project
Using multiple authentication providers in C# .net core
Firebase + auth0 authentication
How to prevent PWA from opening links and Auth0 single sign in authentication in new Safari Window
How can I unlink account between Actions on Google and Auth0
XCTestCase with Auth0: How to dismiss security alert “XXXX” Wants to Use “auth0.com” to Sign In
Auth0.com, how does it really work?
Angular imported modules do not wait for APP_INITIALIZER
AWS API Gateway authentication error IncompleteSignatureException using JWT with Auth0
How do I pass configuration options to an Auth0 hosted page using the JS API?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!