Sign users out of Okta

Sign users out of Okta by ending their session on the Okta Authorization Server.

Open the controller where you handle the sign-out process and update the SignOut action. This time you need to also sign the user out of the Okta OIDC middleware with OktaDefaults.MvcAuthenticationType:

public class AccountController : Controller
{
    [HttpPost]
    public ActionResult SignOut()
    {
        if (HttpContext.User.Identity.IsAuthenticated)
        {
            HttpContext.GetOwinContext().Authentication.SignOut(
                CookieAuthenticationDefaults.AuthenticationType,
                OktaDefaults.MvcAuthenticationType);
        }

        return RedirectToAction("Index", "Home");
    }
}

Update your using statements to import the following namespaces:

using Microsoft.Owin.Security.Cookies;
using Okta.AspNet;

After users sign out of Okta, they are redirected to the location defined in Define the sign-out callback section.

Next steps

Sign users out of Okta

On This Page