By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Okta initiated Sign Out with Amplify + Cognito

0

I have a React app which uses Amplify to do authentication against Cognito users pools. We've just added Okta integration which I have got working using OIDC. You can log into Okta and are then authenticated against our app. The issue I have is that when the users logs out of Okta, they still have access to the app as we're using tokens. Whenever the user goes to the app, they get valid access/id tokens and even on refresh they're still granted valid tokens. I absolutley cannot initiate Log Out from the app (SP side). Perhaps I'm not understanding the auth flow when using OIDC, but it seems puzzling that this is not part of the OIDC setup in Okta - you define a Sign In endpoint, but as far as I can tell the Sign Out end point is only used when teh app is initiating Logout(?)

Topics
Front-End Web & MobileSecurity, Identity, & Compliance
Tags
AWS AmplifyAmazon CognitoAmazon Cognito Federated Identities
Language
English
Stuart
asked 2 months ago59 views
No Answers

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content