我从Microsoft文档中看到了以下声明 . https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-reference-oidc#send-a-sign-out-request
Although directing the user to the end_session endpoint will clear some of the user's single sign-on state with Azure AD B2C, it will not sign the user out of their social identity provider (IDP) session. If the user selects the same IDP during a subsequent sign-in, they will be reauthenticated, without entering their credentials. If a user wants to sign out of your B2C application, it does not necessarily mean they want to sign out of their Facebook account. However, in the case of local accounts, the user's session will be ended properly.
但在My Case中,我无法直接访问外部身份提供程序以手动注销 . 因此,如果我想使用不同的用户登录同一个外部身份提供商,我无法登录 . 默认情况下,如果我从Azure AD B2C单击外部身份提供程序,它将使用已使用的凭据自动重新进行身份验证 . 我尝试删除cookie也不适合我 . 有没有办法在调用Azure AD B2C注销时还应注销外部身份提供商?
1 回答
您最好的选择是让您的应用程序显示“您已注销,但最好关闭所有浏览器窗口”消息给已注销的用户 .