Logout not working with ODIC and Authentik (or Keycloak)

Question

Logout not working with ODIC and Authentik (or Keycloak)

Closed this issue a month ago · 3 comments

In this case ODIC + Authentik or Keycloak is used. Which are both working according to the same principles.

I would expect after clicking on "logout" that I am not logged in anymore after page refresh. Sadly, Outline is unable to just delete the session.

The discussion related to it can be found here #3672

I consider it a bug, as there is a logout function that is not (properly) working (= not logging the user out and terminating the session).

For security such functionalities are essential, yet alone for compliance.

Answer 1 · 2024-05-14T12:17:04.000Z

OLN-381 Logout not working with ODIC and Authentik (or Keycloak)

Answer 2 · 2024-05-14T12:31:43.000Z

Did you set the OIDC_LOGOUT_URI correctly? This has been available for a while

Answer 3 · 2024-05-15T12:12:08.000Z

Did you set the OIDC_LOGOUT_URI correctly? This has been available for a while

Hey, thank you very much! I checked the config and found out I haven't set the env var (docker). My bad!

Though I was not sure either whether that env var works at all, because the issue #3672 does not give clear indications whether it got introduced or not. Maybe you could clarify that in the issue.

Furthermore there are issues with Authentik and Logout routes, but I found a way to make it happening. If anyone is interested, kindly refer to this discussion, where I documented that goauthentik/authentik#9737

Thank you very much! Great work!