Currently the logout redirect URI is hardcoded to the root site that YOURLS is configured for and null is passed for the ID token which is needed to logout of the YOURLS user session with the IDP. The ID token is neither stored nor passed to the logout call which results in a error on logout saying that the client_id is missing. Please note that while I am using OKTA the OIDC spec has this as a standard for IDP logout.
Currently the logout redirect URI is hardcoded to the root site that YOURLS is configured for and null is passed for the ID token which is needed to logout of the YOURLS user session with the IDP. The ID token is neither stored nor passed to the logout call which results in a error on logout saying that the client_id is missing. Please note that while I am using OKTA the OIDC spec has this as a standard for IDP logout.
References