I've been tearing my hair out for a few days trying to call end end session endpoint with a redirect back to my site. I'm passing in id_token_hint, and post_logout_redirect_uri and it seems like these are being validated fine. My understanding it that with these parameters this endpoint should log out and redirect back to my site.
However, I'm still getting the prompt to log out, and when I click on it, it doesn't give a redirect link on the logout confirmation page. It's as if it's ignoring the parameters I'm giving it completely.
I'm using microsoft.aspnetcore.apiauthorization.identityserver version 6.0.18, which seems to reference version 5.2.0 of the Duende.IdentityServer dlls
The end of the logs is below. My interpretation of this is that it appears to have validated my parameters fine. I don't really know what the bit about resource compression is, but I tried removing compression and the warning goes away without solving the problem.
info: Duende.IdentityServer.Validation.EndSessionRequestValidator[0] End session request validation success { "ClientId": "onecalc-webapp", "ClientName": "OneCalc Webapp", "SubjectId": "unknown", "PostLogOutUri": "https://localhost:3001/logout", "Raw": { "id_token_hint": "REDACTED", "post_logout_redirect_uri": "https://localhost:3001/logout" } } warn: Microsoft.AspNetCore.Watch.BrowserRefresh.BrowserRefreshMiddleware[4] Unable to configure browser refresh script injection on the response. This may have been caused by the response's Content-Encoding: 'br'. Consider disabling response compression.
