Identityserver4: Post Logout Redirect Not Working (Again)...
What is the secret to getting post logout redirect to work?
As I was working through the samples, I came across issue #627. Using the suggestion outlined in this issue, I changed the value of the PostLogoutRedirectUris property of the Client object to add /signout-callback-oidc to the URI. This seems to have worked, albeit temporarily.
I then moved on to the issue of logging out after the cookie expires and found the necessary information in issues #656 and #701.
Somewhere along the way, the redirect after logout stopped working. I am not sure what to check to see where things have once again gone wrong. To make matters worse, I have hacked at a lot of things to get the second issue I was working on to behave as expected. Can you please educate a bit on things to look for so I can refine my troubleshooting process?
jrichmeier
All 8 comments
logging and all that?
leastprivilege
on 1 Mar 2017
Check you only have one PostLogoutRedirectUri record for the client. If you have more than one it can't show you the return to application link.
jimbo74
on 3 Mar 2017
Check you only have one PostLogoutRedirectUri record for the client. If you have more than one it can't show you the return to application link.
I'm not sure this is correct, unless you're saying you think there's a bug in IdentityServer?
brockallen
on 3 Mar 2017
Knowing that the sample project I have been working on has been hacked many times over, I decided to look at how the reference implementation behaves.
Using the reference implementation as-is, the behavior that I have described as not working actually works. That said, I am convinced that it is something different between both projects. I performed a cursory look to see if I could figure out the differences but didn't see anything immediate.
Rather than keep this issue open, I am going to close it for now and re-open it should the issue arise again in such a fashion that I can better document / describe the changes I have made.
jrichmeier
on 3 Mar 2017
this may not be relevant but I was having a similar issue and the problem turned out to be my logout method was this:
await HttpContext.Authentication.SignOutAsync("Cookies");
await HttpContext.Authentication.SignOutAsync("oidc");
return RedirectToAction("Index", "Home")
when it I removed the return Redirect line everything with the logout worked perfectly.
markschultz
on 3 Apr 2017
when it I removed the return Redirect line everything with the logout worked perfectly.
yep, that's the issue. the signout call for oidc does the redirect, so doing your own gets in the way
brockallen
on 3 Apr 2017
@brockallen I would emphasize the last point, regarding RedirectToActionline, in the quickstart guide. Right now the example code shows it without the Redirect. However, I think it would be better to explicitly point it out that it will cause issues if you use a Redirect after the sign out. I personally did the same mistake like @markschultz.
JanOuborny
on 15 May 2017
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
![lock[bot] picture](https://avatars1.githubusercontent.com/in/6672?v=4&s=40)
lock[bot]
on 14 Jan 2020
Related issues
brockallen
路
3Comments
cixonline
路
3Comments
krgm03
路
3Comments
createroftheearth
路
3Comments
osmankibar
路
3Comments
Most helpful comment
@brockallen I would emphasize the last point, regarding
RedirectToActionline, in the quickstart guide. Right now the example code shows it without the Redirect. However, I think it would be better to explicitly point it out that it will cause issues if you use a Redirect after the sign out. I personally did the same mistake like @markschultz.