Currently I have an issue with logout when using Azure AD B2C for my React app. The issue is described below:
I have created 2 different user flows on my Azure AD B2C tenant, as below:
B2C_1_Tenant_SI: the single sign-on configuration of this policy is set to Tenant
B2C_1_Application_SI: the single sign-on configuration of this policy is set to Application
I use the sample React app provided by Microsoft to test 2 scenarios:
Scenario 1: configure the React app to use B2C_1_Tenant_SI.
1. Launch the React app and click on sign in using either popup or redirect; let’s use popup.
2. It pops up the login page, then I key in my credentials, and after I am authenticated it closes the popup, returns to my React app, and shows the ID token info.
3. Click on sign out, and sign out succeeds.
4. Click on sign in using popup again; it pops up the login page to ask for my credentials. This is expected because I clicked sign out, and it cleared the Azure B2C user’s session.
Scenario 2: configure the React app to use B2C_1_Application_SI.
1. Launch the React app and click on sign in using either popup or redirect; let’s use popup.
2. It pops up the login page, then I key in my credentials, and after I am authenticated it closes the popup, returns to my React app, and shows the ID token info.
3. Click on sign out, and sign out succeeds.
4. Click on sign in using popup again; it pops up the window and closes it immediately, returning to my React app and showing the ID token info without asking me to key in my credentials. <-- This is unexpected: it should ask for my credentials because I signed out successfully at step 3, but it seems like the Azure B2C user’s session was not cleared.
Can anyone help to explain the issue above?
Here is the code that handles logout:
[image: logout handling code]
Thanks in advance.
I have tried to use the logout function of @msal-browser from my React app to clear the Azure AD B2C session with the Application-wise configuration for SSO, but it did not clear the Azure AD B2C session.
Expectation: the Azure AD B2C session should be cleared when logout succeeds.