Description: 

After member logged out using the logout button. he can login automatically to his account when they click the login button.

Browser: Firefox 

OS: Mac OS X

RawUserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:137.0) Gecko/20100101 Firefox/137.0

Steps to Reproduce:

User A logs into their member portal account on Firefox and completes their session.

User A logs out using the proper logout method and closes the tab before the logout screen shows.

User A then opens a new tab in Firefox, navigates to the login page, and selects the "Member Login" option.

Instead of being prompted to enter their own credentials, User A is automatically logged into User A's account.

Expected Behavior: 

After User A logs out and closes the tab, User A should be prompted to enter their own login credentials without any automatic login to User A's account.

Actual Behavior: 

User A is automatically logged into User A's account, regardless of the logout process followed by User A.

Additional Info:

The following OKTA JavaScript and sign-out code is used for the logout function. This code works in Chrome and Edge, but not in Firefox. It appears that in Firefox, the user session is not terminated upon logging out, allowing users to navigate back to a logged-in state

var oktaLogoutURL = document.getElementById("okta-logout").value;

oktaSecureSignIn.authClient.signOut({

clearTokensBeforeRedirect: true,

postLogoutRedirectUri: oktaLogoutURL

});

We found a similar post but no resolution was provided - https://devforum.okta.com/t/okta-auth-js-signout-not-working-firefox/24626