Hi @Jeroen H
Thank you for posting this in Microsoft Q&A.
I understand you are having trouble logging out of the Microsoft OAuth flow with auth code acquisition.
The post_logout_redirect_uri parameter is the URL that the user is redirected to after successfully signing out. This URL must match one of the redirect URIs registered for your application in the app registration portal. After successful sign-out, the active sessions will be set to inactive. If a valid Primary Refresh Token (PRT) exists for the signed-out user and a new sign-in is executed, SSO will be interrupted, and the user will see a prompt with an account picker. If the option selected is the connected account that refers to the PRT, sign-in will proceed automatically without the need to insert fresh credentials.
To sign out a user, we need to perform both of these operations:
- Redirect the user's user-agent to the Microsoft identity platform's logout URI. (During Application Registration)
- Clear your app's cookies or otherwise end the user's session in your application. (SignOut action of the controller within application Code)
For your reference: https://learn.microsoft.com/en-us/entra/identity-platform/scenario-web-app-sign-user-sign-in?tabs=nodejs#sign-out
You can also refer to this post where a similar issue has been discussed:
https://learn.microsoft.com/en-us/answers/questions/1192925/end-session
If you are encountering any issues, please let me know via the comments section.
Hope this helps. Do let us know if you have any further queries.
Thanks,
Navya.
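
The two sign-out operations described in the answer above, as an added sketch that is not part of the original answer or of Microsoft's sample code. It assumes the v2.0 logout endpoint on login.microsoftonline.com; the store, cookie name, URIs and function names are hypothetical.

```javascript
// Added example: names and sample values are constructed for illustration.
const AUTHORITY = "https://login.microsoftonline.com";

// Constructed sample: redirect URIs registered for the app in the portal.
const DEFAULT_LOGOUT_URI = "https://app.example.com/signed-out";
const REGISTERED_LOGOUT_URIS = new Set([DEFAULT_LOGOUT_URI]);

// Constructed in-memory session store standing in for the app's real one.
const sessions = new Map([["sid-123", { user: "alice@example.com" }]]);

// Operation 1: build the identity platform logout URL.
function buildLogoutUrl(tenant, postLogoutRedirectUri) {
  // Exact match only: the platform requires a registered URI, and checking
  // here keeps a request-supplied value from turning into an open redirect.
  if (!REGISTERED_LOGOUT_URIS.has(postLogoutRedirectUri)) {
    throw new Error("post_logout_redirect_uri is not a registered redirect URI");
  }
  const url = new URL(`${AUTHORITY}/${encodeURIComponent(tenant)}/oauth2/v2.0/logout`);
  url.searchParams.set("post_logout_redirect_uri", postLogoutRedirectUri);
  return url.toString();
}

// Operation 2 plus the redirect: end the app's own session, expire its
// cookie, then send the user-agent to the logout URL.
function signOut(sessionId, tenant, requestedUri) {
  sessions.delete(sessionId); // always end the local session first
  const target = REGISTERED_LOGOUT_URIS.has(requestedUri)
    ? requestedUri
    : DEFAULT_LOGOUT_URI; // fall back rather than trust an unknown URI
  return {
    status: 302,
    headers: {
      Location: buildLogoutUrl(tenant, target),
      "Set-Cookie": "session=; Max-Age=0; Path=/; HttpOnly; Secure; SameSite=Lax",
    },
  };
}
```

The returned object maps directly onto a framework response: set the status, the two headers, and end the request.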