Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

Hi guys!

I'm implementing the logout flow and I've encountered an issue. When trying to call "/oauth2/sessions/logout?id_token_hint=&lt;some_token&gt;" I receive an error message: "error=invalid_request&amp;error_description=The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.&amp;error_hint=square/go-jose: error in cryptographic primitive". So, I assume it's something wrong with the id_token(jwt) that is sent in the parameter. But the jwt that I sent it's exactly the same that is given to me in the login flow and I can decode it.

I know that the logout flow works, because when I call the logout endpoint via browser(which has the session_cookie) the logout is done successfuly. But if I try to specify through id_token_hint(which I need for my API) that's the response I get.

What am I getting wrong?

Thanks so much for the help!