Hello there,
I am trying to logout user via keycloak js from the client application and it doesn`t work.
My setup:
Client Application (OpenId) <- Keycloak <- External OpenId Idp.
keycloak-js version: 11.0.2.
I see that keycloak js redirects the user to the logout endpoint when keycloak.logout() called. Logout endpoint: http://localhost:8001/auth/realms/click/protocol/openid-connect/logout?redirect_uri=http%3A%2F%2Fclick.iam.com%3A8002%2F. But, the user session is still active after the refresh.
I see similar complaints on stack overflow: https://stackoverflow.com/questions/49190827/keycloak-logout-does-not-end-session.
After some investigation, I found that the Keycloak session removes after logout. But the session on external IDP is still alive. So, after page reload Keycloak’s session recreates.
I am also facing same issue. any fix or any workaround there ?
The problem was that the realm names in keycloak and in keycloak js were slightly different. In keycloak it was uppercase and in keycloak js we used lowercase.
I am using keycloak 12.0.4 and spring boot adapter. I have verified realm names. it is lower case in both keycloak and my property file. but , still it is not logging out external IDP.
any workaround there ?
my external idp is Okta with openid protocol
I would suggest to inpect the network tab in chrome. Potentially keycloak might logout you, but single logout is not configured, so in okta you are still login. So, keycloak renew session.
Yes @DmitriyVorobey , Keycloak gets logout. but it is not getting logout from okta.
I have configured external idp’s logout url also. please point me if I did configure anything wrong.
and , I am using spring boot adapter for keycloak.
I have triggered logout from backend , by request.logout();
if you have any reference, please share to me, that will help me.
Thanks you
hey
i have the same problem. is there any solution?
