<![CDATA[Logout with multiple subdomains]]>Hello guys!

I have a very specific problem that I can't seem to find a solution for. I've recently hosted my own community edition version of FusionAuth to test the integrations with my application, before migrating fully to it. We use Okta currently, but it does not support our needs anymore.

The way my application works is that, the single application creates multiple subdomains for my clients. So, for instance, a client might have access to the domain https://backerstats.localhost/ (using localhost for example purposes) as an admin and a player, and to the domain https://pokerstats.localhost/ as an admin. This is all handled in the same application, where we would put all available domain login URLs for the users with no problems:
fe574ff0-f84f-40ef-9a3e-95108fb1f339-image.png

The login was configured with SSO and works fine. But now, when getting the the Logout, even though we have the Logout Behavior set for "All Applications", when I logout from a subdomain (like https://backerstats.localhost/), it works out normally, but I stay logged in on any other domains I might have accessed. For instance, if I had accessed https://pokerstats.localhost/ and then came back to https://backerstats.localhost/ to logout, and then navigated back to https://pokerstats.localhost/ I'd still be logged in on it.
99b46341-d1da-44f2-bc98-10bcdd5b3f4a-image.png

My question here would be: Do I need a separate application for every single subdomain, or is there a way to make it so the logout works for every subdomain of the application?

Thanks in advance.

]]>https://fusionauth.io/community/forum/topic/2929/logout-with-multiple-subdomainsRSS for NodeTue, 09 Jun 2026 08:44:47 GMTThu, 12 Jun 2025 15:42:30 GMT60<![CDATA[Reply to Logout with multiple subdomains on Wed, 02 Jul 2025 04:17:27 GMT]]>@mark-robustelli said in Logout with multiple subdomains:

@ext_figuvini after reading your post again, I think I read it differently. The way the SSO logout works is that on logout, FusionAuth calls all the logout urls for each applications. It would seem that you are correct in that creating an application for each subdomain makes sense and would work. (You can create applications through the API so you should be able to automate this.) Can you try this for a few domains and confirm it works?

Your point is correct. Creating a separate application for each subdomain is a reasonable and correct solution.
When a user logs out of the SSO system, FusionAuth will call the logout URLs defined in each configured application in turn. This allows each application to clean up its own session. Pretty good solution

]]>https://fusionauth.io/community/forum/post/8227https://fusionauth.io/community/forum/post/8227Wed, 02 Jul 2025 04:17:27 GMT<![CDATA[Reply to Logout with multiple subdomains on Wed, 25 Jun 2025 06:30:27 GMT]]>@mark-robustelli said in Logout with multiple subdomains fnaf:

@ext_figuvini this is an interesting use case. I would think the way you have it configured would work. I would have to recreate you situation to test. Unfortunately it may be a while before I can get that done. I should be able to take a look next week. If anyone has experience with this, please feel free to chime in.

Make sure to set the Redirect URIs in the application settings to include all relevant subdomains (e.g., https://backerstats.localhost/, https://pokerstats.localhost/).

]]>https://fusionauth.io/community/forum/post/8057https://fusionauth.io/community/forum/post/8057Wed, 25 Jun 2025 06:30:27 GMT<![CDATA[Reply to Logout with multiple subdomains on Fri, 13 Jun 2025 19:31:08 GMT]]>@mark-robustelli Hey, Mark! Thank you so much for taking your time to answer me.

So, I was going to try to create new application, but talking to the other devs I have on this project, we figured out we currently have about 700 different domains (each client gets a domain for his access), and this is on a legacy PHP/Zend application, so you can imagine how painful it is to change all the implementations.

Currently, I think it'd be unviable to create one application for each different domain, because it'd be a nightmare to manage 700 different applications in the dashboard, so I'd be happier with being able to sync logouts in a single application. I've considering doing some manual hacking (like creating a global cookie that gets info from each domain cookie and then killing all of them), but I'd like to know if anyone else here had success with this kind of scenario without having to pull out the hacky stuff.

Thanks again!

]]>https://fusionauth.io/community/forum/post/8050https://fusionauth.io/community/forum/post/8050Fri, 13 Jun 2025 19:31:08 GMT<![CDATA[Reply to Logout with multiple subdomains on Fri, 13 Jun 2025 06:33:32 GMT]]>@ext_figuvini after reading your post again, I think I read it differently. The way the SSO logout works is that on logout, FusionAuth calls all the logout urls for each applications. It would seem that you are correct in that creating an application for each subdomain makes sense and would work. (You can create applications through the API so you should be able to automate this.) Can you try this for a few domains and confirm it works?

]]>https://fusionauth.io/community/forum/post/8049https://fusionauth.io/community/forum/post/8049Fri, 13 Jun 2025 06:33:32 GMT<![CDATA[Reply to Logout with multiple subdomains on Fri, 13 Jun 2025 06:02:05 GMT]]>@ext_figuvini this is an interesting use case. I would think the way you have it configured would work. I would have to recreate you situation to test. Unfortunately it may be a while before I can get that done. I should be able to take a look next week. If anyone has experience with this, please feel free to chime in.

]]>https://fusionauth.io/community/forum/post/8048https://fusionauth.io/community/forum/post/8048Fri, 13 Jun 2025 06:02:05 GMT