Note: This document is written for Okta Classic Engine. If you are using Okta Identity Engine, see User sign out (local app) for relevant guidance. See Identify your Okta solution to determine your Okta version.

This guide explains an important part of security, which is to minimize the chances that a malicious actor uses an existing session to perform unauthorized actions. It explains the most common strategies to prevent unauthorized use of a session, which include setting short token lifetimes and giving users the ability to sign out when they are done. This guide explains how to sign users out of Okta and out of your app.

Okta Developer Edition organization. To create your own, see the following guides:

- Sign users in to your web application using the redirect model.
- Sign users in to your mobile app using the redirect model.
- Sign users in to your single-page app using the redirect model.

Signing users out of an app that is secured using Okta requires that you close the user's session in Okta. In cases where your app also has a session, you also need to close the user's app session.

Okta Session: Okta maintains a session for the user and stores their information inside an Okta-specific cookie. The next time that a user is redirected to the Okta sign-in page, the user's information is remembered.

Application Session: Most apps have their own user sessions that you need to close in addition to an Okta user session.

Sign users out of Okta by clearing the Okta browser session. Signing out of Okta requires the app to open a browser and navigate to the end session endpoint. Okta ends the user's session and immediately redirects the user back to your application. To do this, you must define a callback route for the sign-out process, which means that you need to allow the post sign-out URL in your Okta app integration settings.
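
The sign-out flow described in this guide, as an added example that is not part of the original guide or of Okta's SDKs: it closes the app session, builds the browser redirect to the end session endpoint, and validates the sign-out callback. The function names, the session object and the example URL are assumptions; the three query parameters are the standard OpenID Connect RP-Initiated Logout parameters.

```javascript
// Added example. startSignOut, finishSignOut and the session shape are
// hypothetical names, not Okta SDK calls.

// Post sign-out URLs that are also allowed in the app integration settings
// (constructed value).
const ALLOWED_POST_LOGOUT = ['https://app.example.com/signout/callback'];

// Step 1: close the application session, then build the redirect that makes
// the browser visit the end session endpoint so the Okta session is closed.
// endSessionEndpoint is assumed to be the `end_session_endpoint` value from
// the authorization server's OpenID Connect discovery metadata.
function startSignOut(session, endSessionEndpoint, postLogoutUri,
                      newState = () => globalThis.crypto.randomUUID()) {
  if (!ALLOWED_POST_LOGOUT.includes(postLogoutUri)) {
    throw new Error('post sign-out URL is not on the allowlist');
  }
  const idToken = session.idToken;
  // Drop tokens and user data so the app session is unusable even if the
  // browser never completes the round trip.
  for (const key of Object.keys(session)) delete session[key];
  // Without an ID token there is nothing to hint with: local sign-out only.
  if (!idToken) return { redirectTo: null, state: null };

  const state = newState();
  session.pendingLogoutState = state; // checked once in the callback route
  const url = new URL(endSessionEndpoint);
  url.searchParams.set('id_token_hint', idToken);
  url.searchParams.set('post_logout_redirect_uri', postLogoutUri);
  url.searchParams.set('state', state);
  return { redirectTo: url.toString(), state };
}

// Step 2: the sign-out callback route. Accept the redirect only if it carries
// the state issued in step 1, and consume that state so it cannot be replayed.
function finishSignOut(session, callbackUrl) {
  const returned = new URL(callbackUrl).searchParams.get('state');
  const expected = session.pendingLogoutState;
  delete session.pendingLogoutState;
  return Boolean(expected) && returned === expected;
}
```
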