Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feathers OAuth should support logout #1640

Open
burn2delete opened this issue Oct 23, 2019 · 1 comment
Open

Feathers OAuth should support logout #1640

burn2delete opened this issue Oct 23, 2019 · 1 comment
Labels
Authentication

Comments

@burn2delete
Copy link
Contributor

When using private directory services such as Azure AD B2C. Logging out of the current app session is not enough to log the user out of the session. By attempting to authenticate again the user is logged in without requesting a password.

Feathers should accept a logout_url and redirect the user to the url when logging out, additionally this would require the jwt to store which strategy was used to authenticate and use the appropriate logout_url.

As private directory services do not have additional means to logout a user we are required to implement this solution locally. Currently we redirect the user on the logout event, however this only works when you are using a single OAuth provider.
@JerryLeeCS
Copy link

Is there an update on this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Authentication
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@burn2delete @ekryski @JerryLeeCS