By using AWS re:Post, you agree to the Terms of Use

cognito hosted ui logout failing with

0

Hello
I have a test web application with cognito hosted UI. The login part works well and I can reach my index.html page after authenticating with cognito. when i try to logout following the documentation for cognito it just says
GET https://myDomain.auth.REGION.amazoncognito.com/logout?client_id=MyClientID&redirect_uri=https://www.cnn.com&response_type=code

when I do that, I get an error on chrome developer tools, that says
Access to XMLHttpRequest at 'https://myCognito.auth.REGION.amazoncognito.com/logout?client_id=MyClientID&redirect_uri=https%3A%2F%2Fwww.cnn.com&response_type=code' from origin 'https://myDomain.REGION.amazonaws.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
how do I make sure the browser wont stop the logout request? as I recall cognito does not have any place were to configure CORS

is there any other way to do a logout request?
thanks
RT

  • Not sure if you really want the user to navigate to CNN.com or it is just a sample, if you are trying on the domain where you have access, you can allow the requests from Cognito domain with "Access-Control-Allow-Origin".

asked 2 years ago238 views
4 Answers
0

I just realized it is not a cognito issue. The browser receives a 302 status and a location but it is not redirecting. So cognito is doing its part, i just need to figure out the code to force the browser to redirect.

answered 2 years ago
0

Your call to the Cognito /logout endpoint shouldn't be an XHR request -- the browser needs to be redirected to there. Cognito will then log the user out and redirect them back to the value you provided in redirect_uri.

answered 2 years ago
0

Not sure if you really want the user to navigate to CNN.com or it is just a sample, if you are trying on the domain where you have access, you can allow the requests from Cognito domain with "Access-Control-Allow-Origin".

answered 9 months ago
0

Hey @rtt how did you solve this? I am having the exact same redirect issue with a 302, and cors error.

answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions