By using AWS re:Post, you agree to the Terms of Use

Is Cognito OAuth Logout 'state' param supported?


Hi there,

Try to achieve cognito oauth logout using state parameter as stated on the last example of the call documentation but not getting it injected on the redirect URL.

I see that on the documentation, state is not listed as it's on the login route, however, it's shown on the Example#2, leading to a might support thinking on my side.

  • Is this really not supported on the logout?
  • How we would carry state values on the logout actions? I see that some oauth implementations does support state on their logouts.
  • I don't see state being specified on the OAuth@v2 RFC, thus is the reason why state is not implemented on logout.