Social Logout in Sitefinity

December 20, 2017

This comes from a ticket that took like 9 months to resolve, so I'm posting it to save others the hassle :)

The site has a company login that is *just* Google auth, no SF or any other mechanism to get in.  The problem was on logout of sitefinity the user was still logged into google.  So when they click the sitefinity login button again they don't even get prompted to log into google (since they already are), sitefinity just sends them right in.

So on a public computer you can see where this causes problems right... if user X forgets to sign out of google and user Y sits down, sitefinity logs user Y in AS user X.

Here's how to fix this
1) Configure identity server to allow a specific redirect url after sitefinity logout, you do that here:

  • Authentication
  • SecurityTokenService
  • IdentityServer
  • Clients
  • sitefinity
  • PostLogoutRedirectUris
  • Create new, add your Url


So sitefinity's logout route is this


One would think you could just change it to be 


But you would be wrong, this is what took so long to resolve the ticket... the redirect uri actually needs to be ENCODED at this point or it won't work.

So this URI will work just fine


What happens from here is you're sent to the SF logout page, properly logged out from sitefinity then instantly sent over to the google signout page and signed out from there as well.

Works fantastic!


Image Description

Steve McNiven-Scott

Best\Only Blogger on this site. Therefore defacto blogger of the year Award Winner.