Is Cognito OAuth Logout 'state' param supported?

2

Hi there,

Try to achieve cognito oauth logout using state parameter as stated on the last example of the call documentation but not getting it injected on the redirect URL.

I see that on the documentation, state is not listed as it's on the login route, however, it's shown on the Example#2, leading to a might support thinking on my side.

  • Is this really not supported on the logout?
  • How we would carry state values on the logout actions? I see that some oauth implementations does support state on their logouts.
  • I don't see state being specified on the OAuth@v2 RFC, thus is the reason why state is not implemented on logout. https://datatracker.ietf.org/doc/html/rfc7009#section-2.1
gwdp
asked 2 years ago112 views
No Answers

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions