Logout from one application does not logout user from another



  • Hello, I am having an issue where I have two applications registered within FusionAuth. Both applications have an OAuth 2.0 connection set up properly, and I have included a picture of both apps' configurations at the very bottom.

    The issue arises when a user logs into one of the applications using OAuth, as expected they do not need to supply their credentials when logging into the other application via OAuth. However, when a user signs out of one of the applications, they are not signed out of the other automatically (their sessions is still active and they can interact with the app). I am pretty sure that by setting the logout behaviour to "All applications", the logout endpoint of all applications should be called and the user should be effectively signed out everywhere.

    I have also tested this approach, with the user logging out of FusionAuth to trigger the other apps' logout endpoints, this works as intended, this leads me to believe that my "Logout URL" is correct. Does anyone know if my understanding of the "logout behaviour" is correct? Thanks!

    f079be79-b487-44d8-874b-562a442a3236-image.png

    a525c99d-fb0b-455d-a701-a65a164e11e0-image.png



  • Your application needs to kill/destroy its session in the Logout URL route.

    For example, see the "Logout page route" here: https://fusionauth.io/docs/v1/tech/guides/single-sign-on/

    Do your applications do that?


Log in to reply