Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Optional
    • Resolution: Rejected
    • Affects Version/s: 1.8.0.Final
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Steps to Reproduce:
      Hide

      1. Enable Direct Access Grants
      2. Invoke the endpoint /auth/realms/

      {realm}/protocol/openid-connect/token with the credentials
      3. See the created session in console
      4. Try to logout with the endpoint /auth/realms/{realm}

      /protocol/openid-connect/logout

      The session is still active.

      Show
      1. Enable Direct Access Grants 2. Invoke the endpoint /auth/realms/ {realm}/protocol/openid-connect/token with the credentials 3. See the created session in console 4. Try to logout with the endpoint /auth/realms/{realm} /protocol/openid-connect/logout The session is still active.

      Description

      I've got problem with logout on endpoint /auth/realms/

      {realm}/protocol/openid-connect/logout. I was told to pass the refresh_token obtained from /auth/realms/{realm}

      /protocol/openid-connect/token in the Authorization header. I thought that it worked at some moment, but now, although I am getting HTTP status 200, the session still can be seen in Sessions tab as it was active. The only thing that it does, when I'm invoking logout on Master realm, it logouts currently logged in admin user, even if there is no header and any other information about the user. What is wrong in this case? I want it to logout the session that I created before.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                radzikod Daniel Radzikowski
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: