User17117323149184608333 (Customer) asked a question.
Okta SLO Not Clearing JWT mysite Cookies from browser
I am experiencing an issue where the Single Logout (SLO) functionality provided by Okta does not clear the JWT cookies from my browser. After initiating SLO, the user is logged out from Okta, but the JWT cookies remain in the browser, which leads to authentication issues on subsequent visits.
Steps to Reproduce:
- User logs into the application via Okta.
- JWT cookies are set upon successful authentication.
- User initiates logout, which triggers the SLO process.
- Okta successfully logs the user out.
- JWT cookies remain in the browser after SLO.
Technical Details:
My post-logout URL request is attempting to clean the cookies using both JavaScript and backend (B.E) request.
Hello @User17117323149184608333 (Customer) Thank you for posting on our Community page!
I was able to find a similar question one this matter:
https://devforum.okta.com/t/okta-session-logout-not-clearing-access-token/2806/8
Please also see this article that should provide more info:
https://devforum.okta.com/t/why-jwts-suck-as-session-tokens/16782?page=2
Additionally if you need further assistance we recommend to leverage the Okta Developer forums for this type of questions and take advantage of their expertise.
https://devforum.okta.com/
Thank you for reaching out to our Community and have a great day!
--
Join the Ask Me Anything online event on June 13, 2024 to discuss the new Govern Okta Admin Roles feature with our Experts