Redirecting Shopify users after signing out via Auth0
Shopify Plus subscribers gain access to OIDC support with which their customers can authentication using Auth0.
When one sets up this integration, they’re likely to find the recognisable
returnTo parameter they would normally provide to the logout route ceases to
work, and with it the Auth0 logs say nothing of disallowed callbacks or unknown
parameters.
Fortunately, buried deep within Auth0’s OIDC documentation, there exists a list of supported parameters that one can use when configuring their Shopify OIDC integration.
| Parameter | Required? | Description |
|---|---|---|
| id_token_hint | Recommended | ID token previously issued for the user. That indicates which user to log out. |
| logout_hint | Optional | Session ID (sid) value that indicates which user to log out. |
| post_logout_redirect_uri | Optional | Redirect URL value that indicates where to redirect the user after logout. |
| client_id | Optional | Client ID of your application. |
| federated | Optional | Directs Auth0 to log the user out of their identity provider. |
| state | Optional | Opaque value that the application adds to the initial logout request, and that Auth0 includes when redirecting the back to the post_logout_redirect_uri. |
| ui_locales | Optional | Space-delimited list of locales used to constrain the language list for the request. The first locale on the list must match the enabled locale in your tenant. |
Rather than using returnTo, one should ask Shopify to use the
post_logout_redirect_uri parameter.