Remove hard-coded logout endpoint for broader provider compatibility

Question

Remove hard-coded logout endpoint for broader provider compatibility

chesspro13 opened this issue 2 months ago · comments

Checklist

I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
I have looked into the API documentation and have not found a suitable solution or answer.
I have searched the issues and have not found a suitable solution or answer.
I have searched the Auth0 Community forums and have not found a suitable solution or answer.
I agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

When using express-openid-connect to authenticate users with Authentik, the logout URI endpoint is hardcoded to be /v2/logout where Authentik's logout endpoint is /end-session/.

Describe the ideal solution

Remove hard-coded logout endpoints and add it as a config parameter.

Alternatives and current workarounds

No response

Additional context

No response

Frederik Prijck · Answer 1 · Mon May 20 2024 05:56:07 GMT+0800 (China Standard Time)

Can you elaborate on what the problem is? We only hardcode that URL in the case when Auth0 is used, which is done here.

If it's not auth0, we expect the logout url to be defined in the end_session_endpoint, as per the OIDC specification.

chesspro13 · Answer 2 · Mon May 20 2024 11:39:01 GMT+0800 (China Standard Time)

I overlooked that. Thank you for your time.