Federated logout not working as intended

[bmbmjmdm]

Description

Federated logout does not work when the initial login was unauthorized

Reproduction

I first try to login to facebook, and purposely choose to reject permissions from within the app.

Auth0 gets this info back, rejects it as unauthorized since I didn't give permission, and redirects me to my website.

Now I trigger auth0's logout function and pass it the federated parameter. Get redirected back to my site again.

I now go into login and try to choose facebook again, however it doesn't direct me to the facebook page to re-enter information. Instead it picks up my last login with them and automatically rejects it as unauthorized, making it so now I can never login with facebook using auth0.

Environment

• Version of this library used: 9.11.2
• Other relevant versions (language, server software, OS, browser): Firefox 70.0b9

[luisrudge]

Hi, this doesn't look like a bug in the SDK. I just tested this in the latest version, and the federated param is being sent correctly (the last param is the federated param:

What I think it's happening is that, since the browser doesn't have a session with Auth0, the logout command is not being sent to facebook because there's connection between facebook and Auth0 at that point. For more clarification, please reach out to our amazing support team at https://support.auth0.com so they can better assist you with your scenario.