How to redirect to a specific web page after sign out from Entra ID

How to redirect to a specific web page after sign out from Entra ID

With some more digging I found the below changes resulted in a successful redirect to a page of my choosing.

I found that if the SignedOutCallbackPath is set to anything other than /signout-oidc, then on sign out, the user gets redirected to /Account/SignOut. This happens regardless of what SignedOutRedirectUri gets set to, since it's hardcoded into the AccountController provided as part of the Microsoft.Identity.Web.UI nuget package.

This lead to the following OpenIdConnectOptions configuration in Program.cs

builder.Services.Configure<OpenIdConnectOptions>(
    OpenIdConnectDefaults.AuthenticationScheme,
    options => {
        options.SignedOutCallbackPath = "/signout-callback-oidc";
        options.SignedOutRedirectUri = "/Account/SignOut";
});

Next, I implemented my own AccountController, with a route that matches the signout redirect URI /Account/Signout. In this controller action, I redirect to the page I want to display:

public class AccountController : Controller
{
    public new IActionResult SignOut()
    {
        base.SignOut();

        return RedirectToAction("Index", "Home");
    }
}

Lastly, I updated my App Registration in Entra ID, setting "Front-channel logout URL" to match that of the SignedOutCallbackPath property:

Users are now correctly redirected to the public home page of the site once they've successfully signed out.

A special thanks to Jalpa Panchal, whose response set me on the path of providing a custom implementation for URI that the site is being redirected to.

 

How do I define the SignedOut page in Microsoft.Identity.Web?

Microsoft.Identity.Web v1.9

Updated: Here's my preferred method

Just add this to your startup.cs under Configure. Here I've just redirected to my home page, but you can redirect to your own custom signout page if you wish.

app.UseRewriter(
new RewriteOptions().Add(
    context =>
    {
        if (context.HttpContext.Request.Path == "/MicrosoftIdentity/Account/SignedOut")
        {
            context.HttpContext.Response.Redirect("/");
        }
    }));

Method #2

While writing the question I did find one way to do this that is very simple. It still seems odd this is the intended way, so please feel free to improve or add better answers. I suspect new versions will come out to make this easier.

Because Microsoft.Identity.Web.UI is a Reusable Class Library (RCL), any page can be overridden just by adding it to your web app in the same location.

As you can see, I almost accomplished this by creating my own SignedOut.razor page and giving it the same path as the URL. That doesn't work, because it's a razor component, and it has to match the path in the source, not the URL in the web app.

Thankfully it's open source. I had to find the path here, since it wasn't obvious to me. https://github.com/AzureAD/microsoft-identity-web

So here is the correct path you need in your project and the best answer I could find that is working to give yourself a real SignedOut page. I suppose you'd have to add a redirect here if you did not want a SignedOut page.

Areas/MicrosoftIdentity/Pages/Account/SignedOut.cshtml

 

 

 

作者:Chuck Lu    GitHub    
posted @   ChuckLu  阅读(7)  评论(0编辑  收藏  举报
相关博文:
阅读排行:
· 全程不用写代码,我用AI程序员写了一个飞机大战
· DeepSeek 开源周回顾「GitHub 热点速览」
· MongoDB 8.0这个新功能碉堡了,比商业数据库还牛
· 记一次.NET内存居高不下排查解决与启示
· 白话解读 Dapr 1.15:你的「微服务管家」又秀新绝活了
历史上的今天:
2022-05-14 vlookup的近似匹配规则
2021-05-14 Appveyor: FIND: Parameter format not correct
2021-05-14 Creating an archive from a directory without the directory name being added to the archive
2020-05-14 event bus
2020-05-14 想要学习设计模式,你得先会看类图,一张图读懂UML
2020-05-14 DDD学习
2019-05-14 Where should I put <script> tags in HTML markup?
点击右上角即可分享
微信分享提示