From the information you provided, I understand you need more information related to authentication logout and session timeout for ALB.
When a user that has been authenticated needs to log out, the application should invalidate the session cookie by setting expiry to -1 but also redirect the client to the IdP logout endpoint. This needs to be done by your application.
Make sure the code consists of:
- Invalidate the AWSELBAuthSessionCookie-0 and AWSELBAuthSessionCookie-1 cookie by setting expiration time to -1, or just clear both of them.
- Redirect the user to idp logout endpoint
You should be able to set the expiry to -1 with set-cookie.
I hope you find this helpful.
Reference:
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html#authentication-logout-timeout
https://www.exampleloadbalancer.com/auth_detail.html
https://docs.aws.amazon.com/cognito/latest/developerguide/logout-endpoint.html
Relevant questions
The web acl is associated with the Application Load Balancer in the AWS region. After a few hours, it is found that the association has been cancelled
asked a month agoCognito (with google) + Application Load Balancer = 414 Request-URI Too Large
asked 3 months agoAWS Load Balancer Controller deployment to force creation of application Load Balancer?
asked 3 months agoApplication Load Balancer throws 503 in a post request
asked 4 days agoHow to give users a limited access time to a web app running on ECS/EC2
asked 3 months agoI am trying to log in through the Cognito hosted UI. I don't see such a function in the example, what should I do?
Accepted Answerasked a month agoCognito with Load Balancer
asked 5 months agoHow to Modify AWSELBAuthSessionCookie to Log Off User
asked 2 months agoLogout from an ALB session that is authenticated by Cognito
asked 3 years agoApplication Load Balancer doesn't send user claims in HTTP headers
Accepted Answerasked 3 years ago
