Log Users Out of Identity Providers

Some providers allow you to force a user to log out of their identity provider. Auth0 often accomplishes this by adding the federated query string parameter to the redirect at the /oidc/logout endpoint.

To do this, add a federated query string parameter to the logout URL:


Federated logout support

The following identity providers support federated logout:

  • Evernote

  • Facebook

  • Fitbit

  • GitHub

  • Google

    • Apps

    • OAuth 2.0

  • Microsoft

    • Active Directory Federation Services

    • Office 365

    • Windows Azure Active Directory

    • Windows Live

  • Salesforce/Salesforce Sandbox

  • X

  • Yahoo

  • Yammer

Clear application session

The Auth0 Logout endpoint logs you out from Auth0 and, optionally, from your identity provider. It does not log you out of your application! This is something that you must implement on your side. You need to log out the user from your application by clearing their session.

Alternative logout

To add federated logout to the alternative logout endpoint, add the federated query string parameter to the logout URL:


Alternative logout limitations

  • No validation is performed on any URL provided as a value to the returnTo parameter, nor any query string or hash information provided as part of the URL.

  • The behavior of federated logouts with social providers is inconsistent. Each provider will handle the returnTo parameter differently and for some, it will not work. Please check your social provider's settings to determine how it will behave.

  • If you are working with social identity providers such as Google or Facebook, you must set your Client ID and Secret for these providers in the Dashboard for the logout to function properly.

  • If you are an Auth0 Enterprise user, you will typically have SSO enabled for multiple applications, for example, SharePoint, a few .NET applications, a few Java applications, Zendesk, etc. In this case, it's very common that when users sign out, this needs to happen for all of their applications.

Learn more