-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Amplify signout doesn't signout from custom provider/idp/okta #12991
Comments
The same happens to me. When a user clicks 'Sign Out' in our application, it signs out the current user without any issue and clears local storage. However, after signing out, when I attempt to sign back in by clicking our login button with the LinkedIn OIDC flow, instead of asking for the LinkedIn username and password, it is using Cognito Hosted UI cookies to generate jwt token of idp user. This should prompt for user credentials to sign-in with LinkedIn. |
I'm also having the same issue using a custom provider on a ReactJS app. I'm wondering if when going federated the SignOut flow is different... version 6.0.15 |
@cwomack, include tags Basically, Bug in your cognito hosted UI IDP sign-in flows. clearing cookies while user is signing-out. |
Related #4044 |
With this issue having the same root cause as #4044, we'll close it in favor of that issue to track the progress on the feature request there. This is currently a limitation of the Cognito side, and not something that can be supported out of the box with Amplify right now. The Cognito team is aware of this limitation, and we will provide an update within issue #4044 when we have made more progress. |
I still don't understand why you're closing this issue. This issue should remain open on your end until a solution is found. |
Regarding this issue, before proceeding with closure, please ensure that the necessary changes are made from Cognito service team. Follow up on this process with high priority.
|
Before opening, please confirm:
JavaScript Framework
React Native
Amplify APIs
Authentication
Amplify Version
v6
Amplify Categories
auth
Backend
Other
Environment information
Describe the bug
Note: the problems described below sound very similar to what's described in these two stack overflow posts (here and here)
We are attempting to add cognito auth integration through aws-amplify in our web application. This is for our dev/staging/non-production environment.
We're able to successfully login to our application through via a custom okta idp login (via cognito) by calling signInWithRedirect. This cognito login flow:
However, when we invoke our application signout flow, which ends up calling signout, what happens is the following:
I find that if I clear my browser cache + cookies, things go back to working as expected, e.g.
Expected behavior
When we call signout in our application,
Reproduction steps
1. initial login
2. redirect to okta idp (via cognito amplify)
3. successful login, will click logout
4. successful logout, redirect back to login page (this shows that signout kind of works, because if it didn't, any redirect to login page will attempt to check for an existing cognito session via our amplify configuration and automatically log in if there's one)
5. however, re-attempting to login as
[email protected]
doesn't redirect to okta, we get automatically signed in after clicking log-in:[email protected]
) directly through okta (this is for our users not enabled through aws cognito), causes an automatic login as [email protected]7. It seems that if I clear all cookies/cache in my browser, i am able to get back to my desired behavior of getting redirected to the okta login screen by cognito.
Code Snippet
Log output
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response
The text was updated successfully, but these errors were encountered: