search

jbreuer / Umbraco-OpenIdConnect-Example

An example to show how Umbraco and OpenIdConnect work together
MIT License
29 stars 9 forks source link

Still logged in after signing out from another system #7

Closed drpeck closed 8 months ago

drpeck commented 9 months ago

I believe this is a flaw in the example, but I would love to be corrected. I'd love even more if you have any idea how to resolve it.

Logging out using this code works fine because we expire our auth cookie. However I think there is a problem with the following user journey.

  1. Login to our app
  2. Go to another app with the same SSO
  3. Go out on that other app
  4. Return to our app

In this scenario we have logged out via SSO, but we are still logged in on our app.

drpeck commented 8 months ago

I didn't understand that this is a feature of Identity Server 4, and not OpenId Connect