Federated Logout for Custom Social Connection
Last Updated:
Overview
Applies To
- Custom social connection
Cause
Solution
The sample script below builds a logout URL that calls the logout endpoint of the IDP tenant and then returns the user to the main tenant:
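/**
 * Builds the federated logout URL for this custom social connection.
 *
 * The browser is always sent to the /logout endpoint of the tenant named in
 * mainTenantHost. When the incoming request carries both `returnTo` and
 * `client_id`, that endpoint is asked to redirect back to this tenant's
 * /logout endpoint, which in turn redirects to the application's `returnTo`.
 *
 * Both request values come from the query string and are treated as
 * untrusted: each one is percent-encoded at every nesting level, so a value
 * containing `&`, `#` or `=` cannot add or override parameters on either
 * logout URL.
 *
 * @param {object} params - Request context; only params.query.returnTo and
 *   params.query.client_id are read.
 * @param {function} callback - Node-style callback, invoked as
 *   callback(null, logoutUrl).
 */
function getLogoutUrl(params, callback) {
  const mainTenantHost = `https://yourtenant-idp.us.auth0.com`;
  const mainTenantAppId = `appIdinYourMainTenant`;
  const thisTenantHost = `https://yourtenant.us.auth0.com`;
  let mainTenantLogout = `${mainTenantHost}/logout`;

  // A request without a query object falls back to the bare logout URL
  // instead of throwing inside the connection script.
  const query = (params && params.query) || {};

  if (query.returnTo && query.client_id) {
    // Inner URL (this tenant's /logout): every value is encoded as a query
    // component so it stays inside its own parameter.
    const returnToApplication = encodeURIComponent(query.returnTo);
    const thisTenantClientId = encodeURIComponent(query.client_id);
    const returnToThisTenant = `${thisTenantHost}/logout?client_id=${thisTenantClientId}&returnTo=${returnToApplication}`;

    // Outer URL: the whole inner URL is encoded once more. The first
    // /logout endpoint removes one encoding layer, leaving the inner
    // parameters still encoded for the second endpoint.
    // NOTE(review): returnTo is forwarded without validation here; confirm
    // that both tenants restrict it through their Allowed Logout URLs.
    mainTenantLogout = `${mainTenantLogout}?client_id=${encodeURIComponent(mainTenantAppId)}&returnTo=${encodeURIComponent(returnToThisTenant)}`;
  }

  callback(null, mainTenantLogout);
}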
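Sample payload to send to the PATCH /api/v2/connections/{id} endpoint. The payload carries the complete options object (scope, scripts, tokenURL, client_id, authorizationURL), with the getLogoutUrl script serialized as a single-line JSON string: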
{
"options": {
"scope": "openid email profile",
"scripts": {
"getLogoutUrl": "function getLogoutUrl(params, callback) { let mainTenantHost = `https://yourtenant-idp.us.auth0.com`; let mainTenantAppId = `appIdinYourMainTenant`; let thisTenantHost = `https://yourtenant.us.auth0.com`; let mainTenantLogout = `${mainTenantHost}/logout`; if (params.query.returnTo && params.query.client_id) { let returnToApplication = encodeURIComponent(params.query.returnTo); let returnToThisTenant = `${thisTenantHost}/logout?client_id=${params.query.client_id}%26returnTo=${returnToApplication}`; mainTenantLogout = `${mainTenantLogout}?client_id=${mainTenantAppId}&returnTo=${returnToThisTenant}`; } callback(null, mainTenantLogout); }",
"fetchUserProfile": "fetchUserProfileScriptHere"
},
"tokenURL": "https://yourIdpDomain/oauth/token",
"client_id": "someClientId",
"authorizationURL": "https://yourIdpDomain/authorize"
}
}