Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Related Documents

Confluence Link

Include Page
Cognito OKTA Auth0 Client Integration GuideCognito
OKTA Auth0 Client Integration Guide
Info

Important - Please implement the new logout strategy outlined below in your applications.

New Local Logout Requirement
A new logout requirement was determined by the business, whereby logging out of an application should not affect other logged in applications. In other words, applications should perform a local logout only. Global Logouts should not be used. If you have a scenario for global logout, please contact us in the slack or support channels. The directions for logout have been updated.

...

Impact on Cognito SSO Cookie
With applications performing local application logouts only, the Cognito SSO cookie will naturally expire after 1 hour. The SSO cookie should not be affected by local application logoutsbe deleted when the local application logout is performed.

Example Diagram of Logout Strategy

...

Known Use Cases for Global Logout

...

USTA.com

  • Update Email from Sign In user dashboard

  • Profile Page, change DOB < 13, confirmation, Global Logout

  • ASM - CSR ends the session, Global Logout

    • Button in Back Office (End Session, Left Pane) → Must use logout from this button → Global Logout

All Clients

  • Cancel Light Weight Registration

    • As previously advised, If a user cancels lightweight registration, please perform a local logout

Info

We had previously advised performing a global logout followed by a local logout. The global logout is now being performed by Lightweight Reg on cancel. Clients will only need to perform the local logout.