Hi there.
How do I configure the logout of the ANZ when configured with Azure AD (AAD)?
With that configured, when I click on logout, if does logout of the AAD. Is there anything missing from the config below?
5 Answer(s)
-
0
Hi @jtallon,
AspNet Zero doesn't provide external logout. So, when you logout, it just logs out the user from AspNet Zero, not from OpenId Connect provider.
-
0
Of we have OpenId configured, can a logout url be defined in the OpenId config?
-
0
Hello @jtallon; Most of the openid providers doesn't allow 3rd party signout. This means, if you integrated google login to your application, when login with google account and logout; you won't be able to logged out of google account but your application only. That is something up to openid providers.
For AzureAD you should be able to logout from AzureAD. After you signout from your cookie and openid schemes, you need to make a request to
https://login.microsoftonline.com/tenant-id/oauth2/logout?post_logout_redirect_uri=<optional_uri>.Here is a sample that can help you out https://github.com/Azure-Samples/active-directory-dotnet-web-single-sign-out.
I hope it was helpful.
-
0
Thanks @gterdem.
Finally, is there a config or flag in ANZ that the client would be able to check if the user is logged in using an external provider or into zero. Obviously, because the user can login using an external provider (AzureAD, etc.) or using ANZ, then knowing which type was used woudl be useful because the logout links/actions would be different.
Regards John
-
0
Hello @jtallon,
Yes, AbpUserLogin (based on Microsoft Identity) is the table you need to check out.
