Session logout not work after refresh access token #4030
Unanswered
RacceGatel
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I have Hydra and Kratos. My SPA application works via OAuth2 at/rt/id_token, meaning it's a public client and also has openid, offline_access scope. After the login flow, it receives an id_token (with at/rt), which has a "sid" claim. But after the token refreshes, the next id_token no longer has a "sid" claim, causing the /oauth2/sessions/logout call to fail with the error "Logout failed because query parameter id_token_hint is missing sid claim."
Please explain how this is supposed to work. Thanks.
Beta Was this translation helpful? Give feedback.
All reactions