Closed SeminDM closed 3 years ago
Can you share the fiddler trace files for both scenarios?
It is fiddler trace for logout from Edge
Please export and share the trace files, the screen shots don't have the details I need to see.
@Tratcher let me know if you need additional information or other trace files.
@Tratcher I encountered this problem on portal.azure.com. If I try to sign out from this portal then I see "sign-out" page with address: https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fportal.azure.com%3A443%2F&client_id=c44b4083...53cbdf3c&redirect_uri=https%3A%2F%2Fportal.azure.com%2Fsignin%2Findex%2F&site_id=501430&prompt=select_account&client-request-id=2e6505d9-ce54-4aac-9f59-95743b5aed04&x-client-SKU=ID_NET45&x-client-ver=5.3.0.0
It seems problem in AzureAD (or Chrome settings) but not in the OWIN.
That makes sense. I didn't find anything obvious when I looked at the traces. I'll close this until we find out otherwise.
Hello! I use OWIN and Azure AD for authentication in my app. Code is quite usual and simple but if need I can expose it. Problem is beginning here:
Logout doesn't work correctly with v2.0 endpoint: Azure AD vanishes cookies, redirects to specified PostLogoutURI, but Microsoft logout page remains.
Azure AD redirects to \Home\AzureADPostLogout correctly but result of the next redirect to \Home\Login is not rendered.
I suggest that problem is related to SameSite cookie flag but I configured chrome://flags/#same-site-by-default-cookies as Disabled and it doesn't help.
What does mean v2.0 and why it breaks logout? Thank you!