Details
Description
When nifi-1.11.4 is integrated with Okta OpenID Connect for authentication, 'LOG OUT' button on the front page does not work. It does not log a user out properly without redirecting to the Logout Redirect URL.
When the button is clicked, the following message is displayed on the browser
{"errorCode":"invalid_client","errorSummary":"Invalid value for 'client_id' parameter.","errorLink":"invalid_client","errorId":"oae_YfJRUHCQe-BqYnPw6opFg","errorCauses":[]}
The button makes a GET request to the following address.
According to Okta document https://developer.okta.com/blog/2020/03/27/spring-oidc-logout-options, the logout endpoint format should be as shown below:
https://dev-123456.okta.com/oauth2/default/v1/logout?id_token_hint=<id-token>&post_logout_redirect_uri=http://localhost:8080/
And it seems that post_logout_redirect_uri should be "https://{nifi server dns name}:{port number}/nifi-api/access/oidc/logout"