log-out will not work with Keycloak

[LouisVA]

The current implementation of log out sends (with my keycloak running on :18080)

http://localhost:18080/auth/realms/test-platform/protocol/openid-connect/logout?post_logout_redirect_uri=XXXXXXX&logout_hint=YYYYYY

With XXXXXX being your redirect URL configured in Keycloak and logout_hint ? I don't know, also not mentioned in the specification.

However this call does not work for the latest version of keycloak because of the fact that it does not support logout_hint but only supports id_token_hint. Keycloak also does not accept a log-out WITHOUT the id_token_hint even though the id_token_hint is a recommended param and not a mandatory one. However the reason is that keycloak tries to conform to the OIDC test-suite where it is a mandatory param.

However sending the correct id_token_hint also seems to fail (I tried sending the jwt token, the jti, the sti). None worked.

But as an alternative I found that sending the client_id instead does work. So for anyone trying to use a vue front app with Keycloak.

The logout should be:
http://localhost:18080/auth/realms/test-platform/protocol/openid-connect/logout?post_logout_redirect_uri=XXXXXXX&client_id=YYYYYY

With XXXXXX being your redirect URL configured in Keycloak and YYYYY being the client_id of the app you're trying to logout from.