How to redirect to a specific web page after sign out from Entra ID

How to redirect to a specific web page after sign out from Entra ID

With some more digging I found the below changes resulted in a successful redirect to a page of my choosing.

I found that if the SignedOutCallbackPath is set to anything other than /signout-oidc, then on sign out, the user gets redirected to /Account/SignOut. This happens regardless of what SignedOutRedirectUri gets set to, since it's hardcoded into the AccountController provided as part of the Microsoft.Identity.Web.UI nuget package.

This lead to the following OpenIdConnectOptions configuration in Program.cs

builder.Services.Configure<OpenIdConnectOptions>(
    OpenIdConnectDefaults.AuthenticationScheme,
    options => {
        options.SignedOutCallbackPath = "/signout-callback-oidc";
        options.SignedOutRedirectUri = "/Account/SignOut";
});

Next, I implemented my own AccountController, with a route that matches the signout redirect URI /Account/Signout. In this controller action, I redirect to the page I want to display:

public class AccountController : Controller
{
    public new IActionResult SignOut()
    {
        base.SignOut();

        return RedirectToAction("Index", "Home");
    }
}

Lastly, I updated my App Registration in Entra ID, setting "Front-channel logout URL" to match that of the SignedOutCallbackPath property:

Users are now correctly redirected to the public home page of the site once they've successfully signed out.

A special thanks to Jalpa Panchal, whose response set me on the path of providing a custom implementation for URI that the site is being redirected to.

 

How do I define the SignedOut page in Microsoft.Identity.Web?

Microsoft.Identity.Web v1.9

Updated: Here's my preferred method

Just add this to your startup.cs under Configure. Here I've just redirected to my home page, but you can redirect to your own custom signout page if you wish.

app.UseRewriter(
new RewriteOptions().Add(
    context =>
    {
        if (context.HttpContext.Request.Path == "/MicrosoftIdentity/Account/SignedOut")
        {
            context.HttpContext.Response.Redirect("/");
        }
    }));

Method #2

While writing the question I did find one way to do this that is very simple. It still seems odd this is the intended way, so please feel free to improve or add better answers. I suspect new versions will come out to make this easier.

Because Microsoft.Identity.Web.UI is a Reusable Class Library (RCL), any page can be overridden just by adding it to your web app in the same location.

As you can see, I almost accomplished this by creating my own SignedOut.razor page and giving it the same path as the URL. That doesn't work, because it's a razor component, and it has to match the path in the source, not the URL in the web app.

Thankfully it's open source. I had to find the path here, since it wasn't obvious to me. https://github.com/AzureAD/microsoft-identity-web

So here is the correct path you need in your project and the best answer I could find that is working to give yourself a real SignedOut page. I suppose you'd have to add a redirect here if you did not want a SignedOut page.

Areas/MicrosoftIdentity/Pages/Account/SignedOut.cshtml

 

 

 

作者:Chuck Lu    GitHub    
posted @   ChuckLu  阅读(8)  评论(0编辑  收藏  举报
相关博文:
阅读排行:
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 【自荐】一款简洁、开源的在线白板工具 Drawnix
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
· Docker 太简单,K8s 太复杂?w7panel 让容器管理更轻松!
历史上的今天:
2022-05-14 vlookup的近似匹配规则
2021-05-14 Appveyor: FIND: Parameter format not correct
2021-05-14 Creating an archive from a directory without the directory name being added to the archive
2020-05-14 event bus
2020-05-14 想要学习设计模式,你得先会看类图,一张图读懂UML
2020-05-14 DDD学习
2019-05-14 Where should I put <script> tags in HTML markup?
点击右上角即可分享
微信分享提示