'How to specify custom logout URL when using Azure AD authentication in .NET core

I have an ASP.NET core 2.2 web application that uses work or school accounts (Azure AD authentication). When I sign out, the application ends up at

/AzureAD/Account/SignedOut

I'd like for it to redirect back to the home page using the Logout URL specified in the application registration. See below for screenshot. When specifying a logout URL here, Azure AD does in fact call that page (to clear session data), but then it finally ends up at the /AzureAD/Account/SignedOut location. I don't see anywhere else to specify the equivalent of a logout URL. Here is the code for the sign out button as generated by Visual Studio when using Azure AD authentication.

<a asp-area="AzureAD" asp-controller="Account" asp-action="SignOut">Sign out</a>

I've also tried adding the redirect directly onto the action.

<a asp-area="AzureAD" asp-controller="Account" asp-route-post_logout_redirect_uri="https://localhost:44381" asp-action="SignOut">Sign out</a>

enter image description here

authenticationasp.net-coreazure-active-directory


Solution 1:[1]

One way is to use custom URL Rewriting Middleware to redirect by checking the path , put below codes before app.UseMvc:

app.UseRewriter(
    new RewriteOptions().Add(
        context => { if (context.HttpContext.Request.Path == "/MicrosoftIdentity/Account/SignedOut")
            { context.HttpContext.Response.Redirect("/Index"); }
        })
);

Solution 2:[2]

I agree with Tom. Here is my .NET 6 workaround:

[AllowAnonymous]
    [Area("MicrosoftIdentity")]
    [Route("[area]/[controller]/[action]")]
    public class B2CAccountController : Controller
    {

        /// <summary>
        /// Called when the Sign-In button is invoked (not after authenticated)
        /// </summary>
        /// <param name="scheme"></param>
        /// <returns></returns>
        [HttpGet("{scheme?}")]
        public IActionResult SignIn([FromRoute] string scheme)
        {
            scheme ??= OpenIdConnectDefaults.AuthenticationScheme;
            var redirectUrl = Url.Content("~/");
            var properties = new AuthenticationProperties { RedirectUri = redirectUrl };
            return Challenge(properties, scheme);
        }

        [HttpGet("{scheme?}")]
        public async Task<IActionResult> SignOutAsync([FromRoute] string scheme)
        {
            var redirectUrl = Url.Content("~/"); // CO 5/13 required to ensure logout redirects home
            var properties = new AuthenticationProperties { RedirectUri = redirectUrl };
            scheme ??= OpenIdConnectDefaults.AuthenticationScheme;
            //obtain the id_token
            var idToken = await HttpContext.GetTokenAsync("id_token");
            //send the id_token value to the authentication middleware
            properties.Items["id_token_hint"] = idToken;
            return SignOut(properties, CookieAuthenticationDefaults.AuthenticationScheme, scheme);
        }
    }

I added a comment in the SyncOutAsync method that shows where to change redirect path.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 J Weezy
Solution 2 Carlos Ortega

Related Questions