OP is tracking session by `session_id` cookie. Would you be so kind to provide : 1. `oxauth.log` file (make sure TRACE logging is on, so we can see verbose logging)? 2. Would you please check your Connect RP handles `logout_uri` and logs itself out on calling it? Thanks, Yuriy Z

When I call end_session it is automatically removed the **session_id** cookie. But **session_state** and **JSESSIONID** is not cleared. And I'm also providing the logout URI when calling the end_session. The sample URL is looks like this https://auth_server/oxauth/restv1/end_session?**id_token_hint**=asdf456asd456fasd456fas456fsd456f456asdf&**post_logout_redirect_uri**=http%3A%2F%2F192.168.1.1%3A3000 And also I'll the oxauth.log file soon.

I assume you stick to front channel logout, is it correct? If yes, then would you be so kind to check whether your RP logs itself out when `frontchannel_logout_uri` is hit ? According to specification ``` http://openid.net/specs/openid-connect-frontchannel-1_0.html#OPLogout ``` OP removes only OP session, it's responsibility of RP to drop own session (if it has one). Hopefully oxauth.log file will help to clarify the situation. In addition, please give client LDIF, so we can check data for it. Thanks, Yuriy

I am using oidc-client.js for Open ID Connect. Here is the configuration file of User Manager. ``` const userManagerConfig = { userStore: new WebStorageStateStore({ store: window.localStorage }), client_id: process.env.REACT_APP_OAUTH_CLIENT_ID, post_logout_redirect_uri: `${window.location.protocol}//${window.location.hostname}${window.location.port ? `:${window.location.port}` : ''}`, client_frontchannel_logout_uris: `${window.location.protocol}//${window.location.hostname}${window.location.port ? `:${window.location.port}` : ''}/renew/silent_renew.html`, redirect_uri: `${window.location.protocol}//${window.location.hostname}${window.location.port ? `:${window.location.port}` : ''}/oauth/callback`, silent_redirect_uri: `${window.location.protocol}//${window.location.hostname}:${window.location.port}/renew/silent_renew.html`, response_type: 'token id_token', // scope: process.env.REACT_APP_OAUTH_SCOPE, nonce: process.env.REACT_APP_OAUTH_NONCE, acr_values: process.env.REACT_APP_OAUTH_ACR, authority: process.env.REACT_APP_OAUTH_SERVER, automaticSilentRenew: true, accessTokenExpiringNotificationTime: process.env.REACT_APP_OAUTH_EXPIRY_CHECK, revokeAccessTokenOnSignout: true, }; ``` I've also checked oxauth.log file. It is only logged INFO for Authentication Success. I don't see any logout log.

I'm not familiar with this library. 1. Would you be so kind to show source code of your `frontchannel_logout_uri` handler? If I got correctly from configuration you have handler on `/renew/silent_renew.html`, right? 2. Please turn TRACE logging and then try again. See documentation `https://gluu.org/docs/ce/3.1.2/operation/logs/#log-levels` Thanks, Yuriy

**I really thank you for your kind reply.** I didn't manage any handler in Oauth server. I've just configured. In my client side I'm just calling the above URL as I mentioned in my 2nd reply. When I try to login finaly I got the below log ``` 2018-01-29 11:01:54,059 INFO [qtp212628335-14] [org.xdi.oxauth.auth.Authenticator] (Authenticator.java:342) - Authentication success for User: 'PRAVEEN' ``` When I call logout I'm only getting the below one. ``` 2018-01-29 11:02:08,214 INFO [qtp212628335-14] [org.xdi.oxauth.auth.Authenticator] (Authenticator.java:205) - Authentication success for Client: 'CLIENT_ID' ``` Update 2: ``` renew/silent_renew.html ``` is for silent refresh of the access token.

1. you need logout handler on RP which listens on `frontchannel_logout_uri`. It is RP code (not oauth server). 2. it seems you still have logger on INFO level, please follow documentation I sent in previous comment. In logs you should see something like `Attempting to end session`. And please give me full `oxauth.log` file so I can see full picture. 3. Please provide LDIF of your client. Thanks, Yuriy Z

> I am using oidc-client.js for Open ID Connect. This is not one of our supported OpenID Connect clients. Please review the list of supported clients in the [integration guide](https://gluu.org/docs/ce/integration/). Thanks, Will

I've done some testing of `/oxauth/end_session` endpoint, and it seems to work as intended to me. Here is [API highlights](https://gluu.org/docs/ce/3.1.2/api-guide/openid-connect-api/#requestendsession) for its parameters, may be Praveen submitted some of them wrong. `oxauth.log` also may contain clues on what went wrong.

Here is my full log of a particular time... I've done a logout and login request in this time. And here is my exact end session URI ``` https://auth_server/oxauth/restv1/end_session?id_token_hint=asdf456asd456fasd456fas456fsd456f456asdf&post_logout_redirect_uri=http%3A%2F%2F192.168.1.1%3A3000 ``` Here is the LOG (from pastebin) ``` https://pastebin.com/dCpjADLV ```

For future reference, please submit such logs as past bin links, etc. We cannot efficiently understand this type of log dump on our forum.

Sorry for the raw text, Here is the pastbin link of LOGs. I don't see any Attempting to end session log here. [LOG FILE](https://pastebin.com/dCpjADLV)