
Skip logout prompt for IdentityServer4

I'm working on a project that has both a website and an app that use the same IdentityServer4 to authenticate users. On the website, when a user logs out, he gets a confirmation screen to ask whether he's sure he wants to log out.

The problem is that on the app, we can't show the logout prompt because, well, it's an app written in Xamarin and we can't redirect to the logout prompt page.

Is there a way to disable the logout prompt when the request comes from the app?

Ken Bonny asked Feb 07 '18 09:02



2 Answers

I had the same problem and I solved it. This was the first Google response, so I decided to put my answer here for others to see.

Solution: Inside the IdentityServer4 Quickstart project, the logic is already there and ready to be configured for the user's needs.

  1. Open SolutionName/Quickstart/Account/AccountOptions.cs
  2. Set ShowLogoutPrompt to false
  3. Set AutomaticRedirectAfterSignOut to true

Example

I hope this will help, good luck.

Kroksys answered Sep 30 '22 16:09


The end session endpoint supports skipping confirmation if you pass a valid id_token_hint in the request.

The relevant spec is here: http://openid.net/specs/openid-connect-session-1_0.html#RPLogout

If a valid id_token is passed (i.e. the one you got when you signed in) then the OP should skip confirmation, do the sign out and then allow the user to be redirected to the post logout redirect URL (if supplied).

mackie answered Sep 30 '22 17:09
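
The end session request described in the answer above, as an added example that is not part of the original posts: a helper a client app could use to build the logout URL with `id_token_hint`, `post_logout_redirect_uri` and `state`. The class name, host name, redirect URI and token value are constructed for illustration; `/connect/endsession` is IdentityServer4's end session path, normally read from the `end_session_endpoint` field of the discovery document.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;

// Added example (hypothetical helper): builds an OpenID Connect RP-initiated logout request.
public static class EndSessionRequest
{
    // endSessionEndpoint: "end_session_endpoint" from the OP's discovery document.
    // idToken: the id_token the app received at sign-in, sent back as id_token_hint.
    public static (string Url, string State) Build(
        Uri endSessionEndpoint, string idToken, Uri postLogoutRedirectUri = null)
    {
        // The id_token travels in the query string, so refuse a cleartext endpoint.
        if (endSessionEndpoint == null || endSessionEndpoint.Scheme != Uri.UriSchemeHttps)
            throw new ArgumentException("End session endpoint must be an https URL.");
        if (string.IsNullOrWhiteSpace(idToken))
            throw new ArgumentException("Without id_token_hint the OP cannot skip confirmation.");

        var query = new List<KeyValuePair<string, string>>
        {
            new KeyValuePair<string, string>("id_token_hint", idToken)
        };

        string state = null;
        if (postLogoutRedirectUri != null)
        {
            // state is echoed back on the redirect so the app can match it to this request.
            var bytes = new byte[16];
            using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(bytes);
            state = BitConverter.ToString(bytes).Replace("-", "").ToLowerInvariant();
            query.Add(new KeyValuePair<string, string>(
                "post_logout_redirect_uri", postLogoutRedirectUri.OriginalString));
            query.Add(new KeyValuePair<string, string>("state", state));
        }

        var builder = new UriBuilder(endSessionEndpoint)
        {
            Query = string.Join("&", query.Select(p => p.Key + "=" + Uri.EscapeDataString(p.Value)))
        };
        return (builder.Uri.AbsoluteUri, state);
    }

    public static void Main()
    {
        // Constructed sample values, not real endpoints or tokens.
        var (url, state) = Build(new Uri("https://idp.example.com/connect/endsession"),
            "eyJ.constructed.id_token", new Uri("com.example.app://signout-callback"));
        Console.WriteLine(url + Environment.NewLine + "expected state: " + state);
    }
}
```

The redirect after sign-out only happens if the `post_logout_redirect_uri` is registered for the client at the OP, and the app should compare the returned `state` with the one it generated.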