hlmrn

1thread

1reply

Threads created

Custom auth provider - logout with id token

The user has set up a custom auth provider using OIDC. While login works, logging out via the Supabase session does not terminate the OIDC session. The user needs access to the id_token_hint parameter to properly log out, which is not currently available in the session.

Auth

Recent replies

I'm running into the same issue, but with another OIDC provider. As part of the certification for that provider we need to ensure a logout also invalidates the OIDC session. That seems to not be possible because: * Supabase does not log out the underlying OIDC session. I think it should! * Supabase does not provide access to the id token, so we cannot supply this to the OIDC logout via id_token_hint So we seem firmly stuck and unable to get verified by the provider.

4/20/2026, 9:19:43 PMView on platform

Loading user profile...