Introduction
Handling user authentication and managing post-logout is very important for personalized web applications. This is a continuation of my previous article on Handling Azure AD B2C claims in the Blazor web application.
In this article, we will explore how to implement post-logout redirection in a Blazor application integrated with Azure AD B2C. From configuring Azure AD B2C settings to customizing the Blazor application's behavior, we will cover the necessary steps to ensure users are redirected to the desired location after logging out. Whether you're building a public-facing app or an enterprise solution, this guide will equip you with the knowledge to deliver a polished and user-friendly logout experience.
- Post Log out Redirection
- Open your Blazor application
Add the code below to the Program.cs file.
builder.Services.Configure<OpenIdConnectOptions>(OpenIdConnectDefaults.AuthenticationScheme,
options =>
{
options.Events = new OpenIdConnectEvents
{
OnRedirectToIdentityProviderForSignOut = async context =>
{
var postLogoutRedirectUri = context.Request.Scheme + "://" + context.Request.Host + "/";
context.Properties.RedirectUri = postLogoutRedirectUri;
context.ProtocolMessage.PostLogoutRedirectUri = postLogoutRedirectUri;
await Task.CompletedTask;
}
};
});
The onRedirectToIdentityProviderForSignOut event from the ASP.Net Core authentication for the open ID connect library will help define the post-logout redirect URI.
Now, whenever the user does logout/sign out, it will redirect to the Home/Index page.
This event will give you more control over the actions to be performed post-logout.
![Control Over Actions]()
Make sure the “Require ID Token in logout validation” is set to No. This allows for simpler logout processes but comes with a reduced level of security since any party with the correct logout URL could potentially trigger a logout request.
However, the most secure and recommended approach is to enable the Require ID Token in logout validation.
I will discuss more about the Require ID Token in the logout requests setting in my next article.
Summary
In this article, we have seen how to configure the Azure AD B2C settings to support logout URL redirection, including changes to the redirect URIs and logout URL. It then delves into customizing the Blazor application's authentication flow to handle logout events effectively. It helps the developers to customize the Blazor application routing with user-friendly post-logout redirection functionality.