Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

hey team, any idea why the `createBrowserLogoutFlow` works but the `updateLogoutFlow` that follows it, does not? I get 401. Same thing If I try to visit the logout_url. It says that the session is inactive:
```		const { data } = await kratosPublicApi.createBrowserLogoutFlow({ cookie });
		await kratosPublicApi.updateLogoutFlow({ token: data.logout_token });```

Hey, any update here?
Ran into the same issue :disappointed:

hey <@U04K7E973BL> not sure if you’ve managed to fix your issue, but I’ve managed to fix mine. the issue was the following: the logout flow, happens in the frontend, while my login flow was happening in the backend. which means that the ory_kratos_session was also stored in the BE. You might have noticed that the updateLogoutFlow does not take a `cookie` in the payload, because it expects to find it in the browser cookies (so it can delete it).
To fix, I removed the `updateLoginFlow` from the BE, and handled the login in the frontend, by submitting the form to kratos directly (`ui.method` and `ui.action`), which after a successful request, stores the cookie in the browser.