I am using trying to get single signout working with Umbraco for members. When the logout is initiated from Umbraco, the OnRedirectToIdentityProviderForSignout event is triggered, I can see the request to Azure B2C, and the front channel logout urls are being called for each applicaiton that has an open session. The OnSignedOutCallbackRedirect events are then triggered by the calling of the front end logout channels. The only problems is that in this scenario, Umbraco logs out completely, but the other application that had its front end channel called does not. When I initiate the logout from another application (not Umbraco), the same thing happens. The OnRedirectToIdentityProviderForSignout is triggered in the calling application, both front end channel logout urls are called, and the OnSignedOutCallbackRedirect is triggered on both applications. In the scenario, the application that initiated the logout will be logged out, but Umbraco will still be logged into the client. I have done another test with two applications where I can logout from both of the applications using a single click of either applications logout button. In that scenario, the initiating application triggers the OnRedirectToIdentityProviderForSignout event, both front end logout channel urls are called, and both applications get logged out as expected. Does anyone have any idea what is going on when I try single signout with umbraco and why it will not work?
UPDATE: I am noticing that when I log in to my non Umbraco applications, there is a AspNetCore.Cookies cookie being set. In my non Umbraco application, I am setting the default authentication scheme to OpenIdConnect although it seems as if maybe OpenIdConnect and Cookies are being used. When I log into my Umbraco app, I notice that there is a AspNetCore.Identity cookie being set.
I did. There were a few things going on. One was that I needed to make sure that the remote path and signout paths were correct. I think I may have used a default value where I shouldn't have (ie stored the remote signout default value in signoutcallback). The other was that I needed to set some same site cookie policy. When both .NET sites were being signed out, it was really because they used a shared cookie. The appearance that it was only Umbraco that was not responding to the front channel callback was what confused me on this.
Unable to get single sign out working using OIDC.
I am using trying to get single signout working with Umbraco for members. When the logout is initiated from Umbraco, the OnRedirectToIdentityProviderForSignout event is triggered, I can see the request to Azure B2C, and the front channel logout urls are being called for each applicaiton that has an open session. The OnSignedOutCallbackRedirect events are then triggered by the calling of the front end logout channels. The only problems is that in this scenario, Umbraco logs out completely, but the other application that had its front end channel called does not. When I initiate the logout from another application (not Umbraco), the same thing happens. The OnRedirectToIdentityProviderForSignout is triggered in the calling application, both front end channel logout urls are called, and the OnSignedOutCallbackRedirect is triggered on both applications. In the scenario, the application that initiated the logout will be logged out, but Umbraco will still be logged into the client. I have done another test with two applications where I can logout from both of the applications using a single click of either applications logout button. In that scenario, the initiating application triggers the OnRedirectToIdentityProviderForSignout event, both front end logout channel urls are called, and both applications get logged out as expected. Does anyone have any idea what is going on when I try single signout with umbraco and why it will not work?
UPDATE: I am noticing that when I log in to my non Umbraco applications, there is a AspNetCore.Cookies cookie being set. In my non Umbraco application, I am setting the default authentication scheme to OpenIdConnect although it seems as if maybe OpenIdConnect and Cookies are being used. When I log into my Umbraco app, I notice that there is a AspNetCore.Identity cookie being set.
Hi Chris,
We have a similar issue, did you ever get to the bottom of this?
I did. There were a few things going on. One was that I needed to make sure that the remote path and signout paths were correct. I think I may have used a default value where I shouldn't have (ie stored the remote signout default value in signoutcallback). The other was that I needed to set some same site cookie policy. When both .NET sites were being signed out, it was really because they used a shared cookie. The appearance that it was only Umbraco that was not responding to the front channel callback was what confused me on this.
is working on a reply...