Skip to content

Be logged out on IDP side #4989

New issue
New issue
Closed
#6092
Closed
Be logged out on IDP side#4989
#6092
Assignees
haywoodshj1m-ryan
Labels
backlogPull requests/issues that are backlog itemsepicIssues that need to be broken into smaller issuesproposalAn issue that proposes a feature request
Milestone
 
v3.7.0
@llomgui

Description

@llomgui
llomgui
opened on Jan 26, 2024

Is your feature request related to a problem? Please describe.
With the current oidc configuration, if you go on https://domain.org/logout, it only clears the cookies from Nginx perspective, not from IDP.
As describe in Auth0 documentation, you need to redirect the user on IDP's logout endpoint.

Describe the solution you'd like
The solution is to redirect the user on IDP's logout endpoint with the correct arguments.
On the IDP side, you can specify the Nginx logout endpoint /_logout and then Nginx will redirect to a final page https://domain.org/login.

Nginx teams already done that in a previous project. Not implemented on this one.
https://github.com/nginx-openid-connect/nginx-oidc-auth0/blob/main/oidc.js#L178
https://github.com/nginx-openid-connect/nginx-oidc-auth0/blob/main/oidc_nginx_server.conf#L132

### UACs
- [x] Test and validate changes in https://github.com/nginxinc/kubernetes-ingress/pull/4986 with [updates merged to NGINX OIDC repo](https://github.com/nginxinc/nginx-openid-connect/pull/96)

Metadata

Metadata

Assignees

Labels

backlogPull requests/issues that are backlog itemsepicIssues that need to be broken into smaller issuesproposalAn issue that proposes a feature request

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions