Hi @wizard2019, make sure the session is actually being terminated. Just clearing the application's cookies or ending the session with the user isn't enough. You need to redirect the user to Azure AD B2C to sign out properly. Otherwise, they might be able to re-authenticate without entering their credentials again.
Also, try passing the id_token_hint parameter in your logout request. This helps Azure AD B2C identify the session that needs to be terminated. You can configure your sign-up/sign-in user flow to require an id_token_hint on logout and pass it in the logout request.
If you're using single sign-out, make sure all applications involved are correctly configured to handle the sign-out request. This includes setting the logout URL under the authentication settings in the Azure portal and handling the OnRedirectToIdentityProviderForSignOut event.
Sometimes the issue might be related to browser cache or cookies. Make sure all relevant cookies are cleared during the sign-out process, including cookies like x-ms-cpim-sso and x-ms-cpim-csrf.
If you're using custom policies, ensure they're correctly configured to handle the sign-out process. This includes verifying that the technical profiles and user journeys are set up correctly to manage the sign-out flow.
Please let me know if you have any questions and I can help you further.
If this answer helps you, please mark "Accept Answer" so other users can reference it.
Thank you,
James
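
The sign-out sequence described in the answer above, sketched as an added example (not part of the answer and not Microsoft's code): the app's logout handler wipes its own session, expires its own cookie, and redirects to the B2C end-session endpoint with id_token_hint. The tenant name, policy name, cookie name and redirect URI are constructed placeholders, and `sign_out_response` and `b2c_logout_url` are hypothetical helper names.

```python
from urllib.parse import urlencode

# Constructed placeholders (assumptions, not values from the thread).
TENANT = "contoso"
POLICY = "B2C_1_signupsignin"
ALLOWED_POST_LOGOUT = {"https://app.example.com/signed-out"}
APP_SESSION_COOKIE = "app_session"  # hypothetical name of the app's own cookie


def b2c_logout_url(id_token, post_logout_redirect_uri, state=None):
    """Build the end-session URL for the user flow the user signed in with."""
    if not id_token:
        # A flow that requires id_token_hint rejects a logout request without it.
        raise ValueError("no ID token kept from sign-in; cannot send id_token_hint")
    if post_logout_redirect_uri not in ALLOWED_POST_LOGOUT:
        # Only send URIs registered for the app; never reflect a caller-supplied one.
        raise ValueError("post_logout_redirect_uri is not on the allow-list")
    params = {
        "id_token_hint": id_token,
        "post_logout_redirect_uri": post_logout_redirect_uri,
    }
    if state:
        params["state"] = state
    base = (f"https://{TENANT}.b2clogin.com/{TENANT}.onmicrosoft.com/"
            f"{POLICY}/oauth2/v2.0/logout")
    return base + "?" + urlencode(params)


def sign_out_response(session, post_logout_redirect_uri):
    """Return (status, headers) for the app's logout handler."""
    id_token = session.pop("id_token", None)  # read the hint before wiping state
    session.clear()                           # end the app's server-side session
    location = b2c_logout_url(id_token, post_logout_redirect_uri)
    # The app can only expire its own cookie. x-ms-cpim-sso and x-ms-cpim-csrf
    # are scoped to the B2C domain, so the redirect below is what clears them.
    expire = (f"{APP_SESSION_COOKIE}=; Max-Age=0; Path=/; "
              "Secure; HttpOnly; SameSite=Lax")
    return 302, [
        ("Set-Cookie", expire),
        ("Cache-Control", "no-store"),
        ("Location", location),
    ]
```

After signing out this way, a fresh sign-in attempt in the same browser should prompt for credentials; if it does not, the B2C session was not ended.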