Azure AD B2C session behavior

  Kiến thức lập trình

Currently I have issue with Logout when using Azure AD B2C for my React app. Issue described below:

I have create 2 different user flows on my Azure AD B2C tenant as below:
B2C_1_Tenant_SI: single sign-on configuration of this policy is set as Tenant

enter image description here

B2C_1_Application_SI: single sign-on configuration of this policy is set as Application

enter image description here

And I use the sample React app which provide by microsoft to do testing for 2 scenarios:

Scenario 1: configure React app to use B2C_1_Tenant_SI.

  1. lauch the react app, click on sign in using either popup or redirect, let’s use popup.

    enter image description here

  2. it popup the login page, then I key in my credentials and after authenticated it close popup and back to my react app and show the ID token info.

  3. click on sign out, and sign out successfully.

    enter image description here

  4. click on sign in using popup again, it popup the login page to ask for my credentials. This is expectation because i clicked sign out, and it cleared Azure B2C user’s session.

Scenario 2: configure React app to use B2C_1_Application_SI.

  1. lauch the react app, click on sign in using either popup or redirect, let’s use popup.

  2. it popup the login page, then I key in my credentials and after authenticated it close popup and back to my react app and show the ID token info.

  3. click on sign out, and sign out successfully.

  4. click on sign in using popup again, it popup the window and close immediately to back to my react app and show the ID token info without asking me to key in my credential. <—- This is unexpectation, it should ask for my credentials because I have signed out successfully at step 3 but seems like the Azure B2C user’s session was not cleared.

Can anyone help to explain the issue above?

Here is code of handling logout

enter image description here

Thanks in advance.

I have tried to use logout function of @msal-browser from my react app to clear Azure AD B2C Session with Application wise configuration for SSO. But it did not clear the Azure AD B2C Session.

Expectation: Azure AD B2C Session should be cleared when logout successfully.

New contributor

Binh Tu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

Theme wordpress giá rẻ Theme wordpress giá rẻ Thiết kế website

LEAVE A COMMENT