OP logout request doesn't pass id_token_hint in parameter when OIDCSessionType set to "client-cookie"
rahulkumarcisco opened this issue · 2 comments
rahulkumarcisco commented
Okta op logout required to have a query parameter id_token_hint as below including post_logout_redirect_uri
https://dev-/<>.okta.com/oauth2/default/v1/logout?post_logout_redirect_uri=<redirect_uri>&id_token_hint=
However, triggering below redirect to OP where id_token_hint will be missing causing error when OIDCSessionType set to "client-cookie". It works well when OIDCSessionType set to "server-cache"
http://ip/oauth/callback?logout=<redirect_uri>&id_token_hint=
rahulkumarcisco commented
rahulkumarcisco commented
Adding Ankit.
Thanks,
Rahul
From: Hans Zandbelt ***@***.***>
Sent: 19 August 2022 19:56
To: zmartzone/mod_auth_openidc ***@***.***>
Cc: Kumar Rahul -X (kumrahu2 - WIPRO LIMITED at Cisco) ***@***.***>; Author ***@***.***>
Subject: Re: [zmartzone/mod_auth_openidc] OP logout request doesn't pass id_token_hint in parameter when OIDCSessionType set to "client-cookie" (Issue #908)
Closed #908<#908> as completed.
—
Reply to this email directly, view it on GitHub<#908 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ATZRGDGDBJMPU2MECPNYSKTVZ6KQTANCNFSM57A5LECQ>.
You are receiving this because you authored the thread.Message ID: ***@***.******@***.***>>