feathers icon indicating copy to clipboard operation
feathers copied to clipboard
verified publisher icon feathersjs

Feathers OAuth should support logout

Open burn2delete opened this issue 6 years ago • 1 comments

When using private directory services such as Azure AD B2C. Logging out of the current app session is not enough to log the user out of the session. By attempting to authenticate again the user is logged in without requesting a password.

Feathers should accept a logout_url and redirect the user to the url when logging out, additionally this would require the jwt to store which strategy was used to authenticate and use the appropriate logout_url.

As private directory services do not have additional means to logout a user we are required to implement this solution locally. Currently we redirect the user on the logout event, however this only works when you are using a single OAuth provider.

burn2delete avatar Oct 23 '19 19:10 burn2delete

Is there an update on this?

JerryLeeCS avatar Aug 05 '20 16:08 JerryLeeCS