How to sign out, Logout, of an Okta authentication?

Product: PowerShell Universal
Version: 2.10.0

Hey PSU folks,

I’ve recently got Okta authentication working and bringing over AD groups as claims, to use as roles.

Before, when I was using Forms authentication, I could click my user name (in the top right corner) and have a Logout button. Unfortunately, using Okta authentication I no longer have this. Clicking my user name does nothing.


I’m concerned with AD Group memberships changing, and users not being able to log out and back in again to get their new roles assigned.

How can I provide a Logout button when using Okta authentication? I found some threads talking about using the API Endpoint ‘/api/v1/signout’, but before I go coding a custom button, link, or other solution, is there a built-in way of having the Logout button?

Thanks,
Rob

We actually have an open issue for this. This is more about logging out of OpenID Connect and not just PSU. Logging out of PSU will clear the cookie but the user will still be logged into OIDC.

You can clear the login cookie within PSU by redirecting the user to the signout URL and then redirecting them somewhere else.

New-UDButton -Text 'Logout' -OnClick {
    Invoke-UDRedirect "http://localhost:5000/api/v1/signout?returnurl=/home"
}

Good to know you’re on top of issues, before I even know there is an issue…LOL. I may play around with what you gave me for “clear the login cookie within PSU”, but knowing this fix is on the way I’ll probably just wait for it 🙂

Have a good weekend!

We are using Azure for authentication. I found that directing to the Azure signout URL with a redirect to the PSU signout will sign the user out of Azure and bring them back to the login prompt for Azure at the return URL. Here is an example.

New-UDButton -Text 'Logout' -OnClick {
    Invoke-UDRedirect 'https://login.microsoftonline.com/common/oauth2/v2.0/logout?post_logout_redirect_uri=http://localhost:5000/api/v1/signout?returnurl=/home'
}

You would also set the redirect in the Azure application to: “http://localhost:5000/api/v1/signout”

It works well enough for our setup. I’m not sure if Okta has maybe something similar.
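
The chained sign-out URL from the posts above nests one redirect inside another, so the inner URL should be percent-encoded as a single parameter value and the final return target limited to a local path. The following is an added example, not code from the thread or from PowerShell Universal; the function name `New-ChainedSignoutUrl` and its parameters are hypothetical, and it assumes the identity provider accepts `post_logout_redirect_uri` as in the Azure post.

```powershell
# Added example (hypothetical helper): build IdP logout -> PSU signout -> return path.
function New-ChainedSignoutUrl {
    [CmdletBinding()]
    param(
        # IdP logout endpoint, e.g. the Azure URL quoted in the thread
        [Parameter(Mandatory)] [string] $IdpLogoutUrl,
        # Base URL of the PSU server, e.g. http://localhost:5000
        [Parameter(Mandatory)] [string] $PsuBaseUrl,
        # Where PSU sends the browser after clearing its cookie
        [string] $ReturnPath = '/home'
    )

    # Accept only a site-relative path ("/home"), not "//host" or "/\host",
    # so the sign-out link cannot be used to bounce users to another site.
    if ($ReturnPath -notmatch '^/(?![/\\])') {
        throw "ReturnPath must be a local path starting with a single '/': $ReturnPath"
    }

    # The IdP endpoint must be an absolute https URL.
    $idp = $null
    $parsed = [System.Uri]::TryCreate($IdpLogoutUrl, [System.UriKind]::Absolute, [ref]$idp)
    if (-not $parsed -or $idp.Scheme -ne 'https') {
        throw "IdpLogoutUrl must be an absolute https URL: $IdpLogoutUrl"
    }

    # Inner URL: the PSU signout endpoint (clears the PSU cookie), then the return path.
    $encodedReturn = [System.Uri]::EscapeDataString($ReturnPath)
    $psuSignout = '{0}/api/v1/signout?returnurl={1}' -f $PsuBaseUrl.TrimEnd('/'), $encodedReturn

    # Outer URL: the whole inner URL travels as ONE encoded parameter value,
    # so its own '?', '=' and any '&' are not parsed by the IdP as separate parameters.
    $encodedInner = [System.Uri]::EscapeDataString($psuSignout)
    $separator = if ($idp.Query) { '&' } else { '?' }
    '{0}{1}post_logout_redirect_uri={2}' -f $IdpLogoutUrl, $separator, $encodedInner
}

# Sample call using the URLs from the thread; prints the resulting URL.
New-ChainedSignoutUrl `
    -IdpLogoutUrl 'https://login.microsoftonline.com/common/oauth2/v2.0/logout' `
    -PsuBaseUrl 'http://localhost:5000'
```

The returned string is what would be passed to `Invoke-UDRedirect` inside the button's `-OnClick` block.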