signoutRedirect of oidc-client-js against Auth0 returns no end session endpoint
I've successfully used the oidc-client-js library by Brock Allen to authenticate my SPA app with Auth0 acting as my Identity Provider. However, when I try to use the library to sign the user out mgr.signoutRedirect({state: "my test"}), I receive an error: no end session endpoint.
A look at the metadata endpoint shows that there is a revocation endpoint.
I've configured the oidc-client-js library like so:
var settings = {
authority: 'https://susqsofttest.auth0.com/.well-known/openid-configuration',
client_id: 'my client id',
redirect_uri: 'http://localhost:8080/signin-oidc',
post_logout_redirect_uri: 'http://localhost:8080/logout',
response_type: 'id_token token',
scope: 'openid profile email',
revokeAccessTokenOnSignout: true,
automaticSilentRenew: true,
filterProtocolClaims: true,
loadUserInfo: true
};
var mgr = new UserManager(settings);
Any ideas of what I'm missing?
signout redirect explicitly looking at the Json property "end_session_endpoint" in your idp configuration, I do not see that endpoint in your idp configuration, and I guess, this is not something that you can override with oidc-client.js package.
Check this out on how they are retrieving the endpoint url from metadata. https://github.com/IdentityModel/oidc-client-js/blob/dev/src/OidcClient.js#L124
- Not sure where to request Google Contacts API scopes when using Auth0 + Next.js
- Integrating Auth0 Signin in Laravel 10: Restricting Login to Auth0 Credentials or OTP Only [Resolved]
- PyJWT installed but keey getting: ModuleNotFoundError: No module named 'jwt'
- How can Authorization Code Flow with PKCE be more secure than Authorization Code Flow without client_secret
- How can I mock auth0 authentication for testing?
- Spring Boot 3.3.2 with Spring Security 6.3.1 issue (no support of auth0-spring-security-api with Spring Framework 3.3.2)
- Auth0 Signout issue - User href works but router.push doesnt?
- Auth0 plus Capacitor plus React not recognising login
- Unexpected JWT alg received, expected RS256, got: HS256
- Auth0 Nextjs to Protected Api
- Login with Auth0 was successful but still a 401 'access denied' is returned?
- JWT token location in Blazor WASM
- How can the browser show an incorrect URL?
- How to write unit test for SecurityConfig for spring security
- How does browser is directed to new URL when last respone's code is 200 instead of 301
- How to set an AuthorizationRequestCustomizer on a DefaultOAuth2AuthorizationRequestResolver?
- Extracting Parameter Values Returned by APEX_AUTHENTICATION.CALLBACK?
- ABP.IO - MultiTenancy - Setting Tenant from External IDP
- How can I resolve "Error: You forgot to wrap your app in <UserProvider>" in NextJS 14 app
- How do I integrate envoy as a gateway, auth0 as an authentication system and OPA as an authorization system?
- Hoppscotch Pre-request Script async request
- Migrate AWS Cognito users to Auth0
- java-jwt with public/private keys
- User authentication + dynamic routing problems (Auth0 & next.js App Router)
- Universal login page appearence changed after I integrated server part
- While sending request to Auth0 to get access token, is it possible to hide payload with secret keys which are visible?
- access token from auth0provider outside of react components
- Error 401 on Angular-NestJs page when refreshing token with Auth0
- How to refactor common react code for a sign in redirect?
- How to auto redirect to Auth0 IDP from Azure AD B2C custom polcieis based on certain condition