Closed alizaidi606 closed 1 year ago
Hi @alizaidi606 I'm not able to reproduce this. Do you see any errors in the logs? Can you recreate this with one of our samples? https://github.com/okta/samples-android/tree/master/browser-sign-in
@JayNewstrom thanks for the response, let me try this with this sample.
@JayNewstrom same behavior with this sample as well, signOutOfOkta
does signs out from the application but the session persists in the device browser.
Can you tell me more about how your org is setup in the Okta admin dashboard, or reach out to support. This is definitely a behavior that we shouldn't see, but I can't reproduce it.
Ok, let me try reaching out to the support as I am not sure I'll be able to explain everything here.
Just to re-confirm upon calling webAuthClient.signOutOfOkta
, the device browser session should also clear right? not just the custom-tabs session.
In my case I tried with Gmail and also our organization g-suite domain and both remain logged in to the device browser after webAuthClient.signOutOfOkta
.
Signing out of Okta will not sign you out of social IdP (such as Google), if you're signing in with them. If your org is setup to always use that social IdP, it will try to recreate your Okta session using the social IdP, which might make it seem like your Okta session wasn't removed.
I'm going to close this issue for now, but if something new comes up, let me know and I can reopen.
Describe the bug?
When the login cycle initiates it opens custom tabs based browser where after entering credentials it successfully redirects back to the app. A session is also created in the device browser.
But when
signOutOfOkta
is called, the SDK does not clear the device browser's session.What is expected to happen?
Since the device browser session is created upon
webAuthClient.signIn
it should also be cleared onwebAuthClient.signOutOfOkta
.What is the actual behavior?
The device browser session is not cleared and the user remains logged in to the device browser.
Reproduction Steps?
webAuthClient.signIn
method and perform sign insignOutOfOkta
successfully signs out and can be confirmed withwebAuthClient.getSessionClient().isAuthenticated()
Additional Information?
No response
SDK Version
Tested on Android 9
Build Information
No response