Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for logout #32

Closed
nicosabena opened this issue Dec 31, 2018 · 5 comments
Closed

Support for logout #32

nicosabena opened this issue Dec 31, 2018 · 5 comments

Comments

@nicosabena
Copy link
Member

Add support for logout in the UI. oauth2 connections support two options for logout:

  • logoutUrl that holds a string value with a fixed logout URL to redirect the user to when a federated logout is requested.
  • getLogoutUrl, a script that can generate a logout URL dynamically based on the request query. The script format is like this:
function(query, callback) {
  var logoutUrl = "...";
  callback(null, logoutUrl);
}
@dmarjoram
Copy link

It would also be nice to be able to access the encrypted configuration object in this context, i.e. the same values you can specify when writing scripts for Auth0 rules.

@mleybsage
Copy link

mleybsage commented May 24, 2019
edited
Loading

@nicosabena in the linked article https://community.auth0.com/t/custom-social-connection-federated-logout/19491 you guys mention that
"if you use the UI after setting any of these options and click Save, the custom property you set before will be lost."
is this behaviour intentional? We've recently been affected by the changed we've applied to the options object being lost when interaction through the UI occurs

@nicosabena
Copy link
Member Author

is this behaviour intentional?

No, not really. It's just that at the moment this extension was created there was no need to handle the scenario where certain properties like logoutUrl (not available in this extension's UI) were modified directly using the API.
This extension recreates the connection when clicking "Save" based on whatever is seen in the UI, so any properties that the extension doesn't know about are lost. Not ideal, of course, and something that could be improved.

@BryceBarbara
Copy link

@nicosabena Is it possible to prevent modifications to a social connection if it has those unsupported properties in it? We'd like to avoid scenarios where it can be broken by absent minded developers/admins.

@nicosabena
Copy link
Member Author

Custom Social Connections are a first-class citizen in the Auth0 Dashboard now, so there's no need to use the Custom Social Connection Extension.

This appears at the bottom of the list when creating a new social connection:

image

And when editing one of these connections, you get the usual fields:

image

logoutUrl and getLogoutUrl aren't directly available (as before), but the good news is that the dashboard UI will not overwrite existing values for the connections, so if you set either value using the Management API and then edit the connection from the dashboard the logout configuration will stay.

So, TL;DR: stop using the Custom Social Connection extension and use the Auth0 Dashboard directly to manage custom social connections 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@nicosabena @dmarjoram @BryceBarbara @mleybsage