Re: [keycloak-user] Logout with openid-connect is not invalidating the session cookie.

On Sep 21, 2016, at 2:03 PM, Sean Schade <sean.schade(a)drillinginfo.com&gt; wrote: We are having an issue where our browser application will initiate a logout, but after redirecting back to the application the user is not taken to the login screen. It appears the user is still logged in, and can fully access the application. I can see the session removed in Keycloak Admin UI. However, it appears the cookie never gets invalidated. Here is the redirect URL we use. Are we missing some configuration step in the client? I have standard flow, implicit flow, and direct access grants enabled. Valid redirect URIs, Base URL, and web origins are all configured in the client. Admin URL is not set as we are relying only on browser logout. https://auth.dev.drillinginfo.com/auth/realms/dev/protocol/openid-connect... <https://auth.dev.drillinginfo.com/auth/realms/dev/protocol/openid-connect... keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user