OP logout request doesn't pass id_token_hint in parameter when OIDCSessionType set to "client-cookie"

Question

OP logout request doesn't pass id_token_hint in parameter when OIDCSessionType set to "client-cookie"

rahulkumarcisco opened this issue 2 years ago · 2 comments

Okta op logout required to have a query parameter id_token_hint as below including post_logout_redirect_uri
https://dev-/<>.okta.com/oauth2/default/v1/logout?post_logout_redirect_uri=<redirect_uri>&id_token_hint=

However, triggering below redirect to OP where id_token_hint will be missing causing error when OIDCSessionType set to "client-cookie". It works well when OIDCSessionType set to "server-cache"

http://ip/oauth/callback?logout=<redirect_uri>&id_token_hint=

rahulkumarcisco commented 2 years ago

#812

Answer 1 · 2022-08-23T15:34:07.000Z

Adding Ankit. Thanks, Rahul From: Hans Zandbelt ***@***.***> Sent: 19 August 2022 19:56 To: zmartzone/mod_auth_openidc ***@***.***> Cc: Kumar Rahul -X (kumrahu2 - WIPRO LIMITED at Cisco) ***@***.***>; Author ***@***.***> Subject: Re: [zmartzone/mod_auth_openidc] OP logout request doesn't pass id_token_hint in parameter when OIDCSessionType set to "client-cookie" (Issue #908) Closed #908<#908> as completed. — Reply to this email directly, view it on GitHub<#908 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ATZRGDGDBJMPU2MECPNYSKTVZ6KQTANCNFSM57A5LECQ>. You are receiving this because you authored the thread.Message ID: ***@***.******@***.***>>