# ory-network
b
Hi team, after logout, when I want to reconnect, only the password needs to be entered. It says I'm logged in with my account: "You're logged in as: ...@mail.com". What's the right way to change user after logout? The only visible link is the one at the bottom "Something's not working? Logout", which only refreshes the page and is therefore useless.
p
Hi @breezy-journalist-86771 Logout should completely remove the session. As for the logout button at the bottom of the card, this is a bug and has been fixed. We just need to release to production again. How are users logged out currently in your application?
b
Hi @proud-plumber-24205 I use the oidc-client-ts library, which manages logoutRedirect(). I have a problem with the set post_logout_redirect_uris:
```json
{
  "error": "invalid_client_metadata",
  "error_description": "The value of one of the Client Metadata fields is invalid and the server has rejected this request. Note that an Authorization Server MAY choose to substitute a valid value for any requested parameter of a Client's Metadata. post_logout_redirect_uri 'https://local.sdk.eniblock.com/admin/login' must match the domain, port, scheme of at least one of the registered redirect URIs but did not'"
}
```
So I'm doing the signout and then a redirect directly in my app, maybe the session cookie cleanup isn't done right. How can I set the post_logout_redirect_uris? My current request is:
```bash
curl --request PUT -sL \
  --header "Authorization: Bearer ory_pat_*******" \
  --header "Content-Type: application/json" \
  --data '{"post_logout_redirect_uris": ["https://local.sdk.eniblock.com/admin/login"] }' \
  https://{project}.oryapis.com/admin/clients/{clientId}
```
p
Hi @breezy-journalist-86771 Sorry for the late response, I think you need to follow the documentation below https://www.ory.sh/docs/oauth2-oidc/oidc-logout#openid-connect-front-channel-logout-10 As the error suggests, the `post_logout_redirect_uri` needs to match one of the `redirect_uris` set on the client. Below `https://my-app.com/callback` is a valid redirect_uri which should be usable by `post_logout_redirect_uri`.
```bash
ory create oauth2-client \
  --grant-type authorization_code --grant-type refresh_token --grant-type client_credentials \
  --response-type code \
  --scope openid --scope offline_access \
  --token-endpoint-auth-method client_secret_post \
  --redirect-uri https://my-app.com/callback --redirect-uri http://my-other-app.com/callback
```