Logging out with Azure AD

TeaMonkeyFruit · February 20, 2021, 6:15pm

I'm new to radzen and blazor, but love what I've seen so far. Just upgraded to a radzen professional license.

I have a basic app up and running (few basic CRUD pages) using Azure AD security. I followed the radzen docs to setup the Azure AD security. I'm able to login to the app and navigate around. The problem I run into is on logout. When I choose Logout I get an error page that says:

There was an error trying to log you out: ''

The URL has a message:

https://localhost:5001/authentication/logout-failed?>message=The%20logout%20was%20not%20initiated%20from%20within%20the%20page.

The user is not logged out, and I can continue to access the CRUD pages.

I'm confused.... am I missing a setup set?

Anyone seen this before?

korchev · February 20, 2021, 8:40pm

Hi @TeaMonkeyFruit,

Unfortunately we are not aware of such issue. Could you send us your application to info@radzen.com so we can troubleshoot?

mkfromhighlands · April 22, 2022, 9:23am

Hi there,

I have a basic question to this: after successfully logging to my app over AzureAD, I can use it as expected. But I miss logout functionality out of the box... how would you suggest to do that? Use a button and decorate it with a link to a specific logout-URL (which can be configured in AzureAD)

How can I get the Logout-URL?

mkfromhighlands · April 22, 2022, 9:34am

SORRY!

I was used to the behaviour of internal security. I made it by adding "ProfileMenu" from the Toolbox... way too easy

Follow-up-question: is it possible to show the account-picture from AzureAD instead of the Gravatar?

korchev · April 22, 2022, 12:18pm

We don't know if this is possible. If it is available as a claim you can probably get it by extending the SecurityService.

mkfromhighlands · June 16, 2022, 1:31pm

Hello there, I´m sorry but I have to open this topic again as I am not able to redirect to login after logout...:

My WASM app is connected to Azure AD. I want to logout with the logout-button in my profile menu.
As far as I can see, this triggers Task Logout in SecurityService.cs which navigates me to

navigationManager.NavigateTo("authentication/logout", true);

After that, I get redirected to

Sign out...

In this screen, I am asked from which account I want to sign-out. If I select my account, I get redirected to

https://localhost:5001/authentication/logout-callback

and then immediately to

https://localhost:5001/authentication/logged-out

But I want to get redirected to https://localhost:5001 again, where I can login again.

I have tried to insert all of those URLs into Azure --> App registration --> Authentication --> Redirect URLs, but this has no impact at all. Furthermore I have tried Azure --> App registration --> Authentication --> Front-channel logout URL... no effect here, too.

I have tp admit that I absolutely don't understand where the trigger for the redirect is here and how I can set this up correctly. I also want to know, where the redirect to the "/logged-out"-page comes from... Has anyone done this before? Maybe also someone from the community?

Thanks in advance!

Martin

korchev · June 16, 2022, 1:56pm

It is the default configuration.

mkfromhighlands · June 17, 2022, 11:08am

@korchev Thank you for the link. This lead me to try the following which was the solution in my case:

I´ve added

https://localhost:5001/authentication/logout-callback

to the list of redirect urls in AAD as this is the trigger for logout-procedure - according to documentation.

I´ve added the following to client/wwwroot/appsettings.json (under "AzureAd"):

"postLogoutRedirectUri": "https://localhost:5001"

And voila: after successful logout I get redirected to AAD login screen.