Sign users out of Okta

Sign users out of Okta by ending their session on the Okta Authorization Server.

• Android
• Angular
• ASP.NET
• ASP.NET Core 2.x
• ASP.NET Core 3.x
• iOS
• Node Express
• React
• Spring Boot
• Vue.js

Open the controller where you handle the sign-out process and update the SignOut action. This time you need to also sign the user out of the Okta OIDC middleware with OktaDefaults.MvcAuthenticationType:

public class AccountController : Controller
{
    [HttpPost]
    public ActionResult SignOut()
    {
        if (HttpContext.User.Identity.IsAuthenticated)
        {
            HttpContext.GetOwinContext().Authentication.SignOut(
                CookieAuthenticationDefaults.AuthenticationType,
                OktaDefaults.MvcAuthenticationType);
        }

        return RedirectToAction("Index", "Home");
    }
}

Update your using statements to import the following namespaces:

using Microsoft.Owin.Security.Cookies;
using Okta.AspNet;

After users sign out of Okta, they are redirected to the location defined in Define the sign-out callback section.

Next: Sign users out of your app