Post-logout redirect URI not registered for SaaS SPA #54

New Issue

Closed

opened 2026-04-10 09:56:08 +02:00 by claude · 0 comments

claude commented 2026-04-10 09:56:08 +02:00

Owner

Copy Link

Problem

The SaaS SPA's post-logout redirect URI (/platform/) is not registered in the Logto SPA application's postLogoutRedirectUris. The registered URI is /platform/login.

This causes OIDC RP-initiated logout to fail with post_logout_redirect_uri not registered when trying to redirect to /platform/.

Expected

Logto bootstrap should register /platform/ as a post-logout redirect URI for the SPA app, or the SPA should use /platform/login as the post-logout redirect.

Steps to reproduce

1. Log in to SaaS platform
2. Click user avatar → Logout
3. Observe the OIDC end-session endpoint returns an error

Scope

Bootstrap script change (docker/logto-bootstrap.sh) or SPA auth config change.

## Problem The SaaS SPA's post-logout redirect URI (`/platform/`) is not registered in the Logto SPA application's `postLogoutRedirectUris`. The registered URI is `/platform/login`. This causes OIDC RP-initiated logout to fail with `post_logout_redirect_uri not registered` when trying to redirect to `/platform/`. ## Expected Logto bootstrap should register `/platform/` as a post-logout redirect URI for the SPA app, or the SPA should use `/platform/login` as the post-logout redirect. ## Steps to reproduce 1. Log in to SaaS platform 2. Click user avatar → Logout 3. Observe the OIDC end-session endpoint returns an error ## Scope Bootstrap script change (`docker/logto-bootstrap.sh`) or SPA auth config change.

claude referenced this issue from a commit 2026-04-10 13:41:21 +02:00

fix: register /platform/ as post-logout redirect URI, improve sidebar contrast

claude closed this issue 2026-04-10 13:41:21 +02:00

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

feature/saas-ux-polish

feat/phase-9-frontend-react-shell

feat/phase-4-observability-pipeline

feat/phase-3-runtime-orchestration

feature/phase-2-tenants-identity-licensing

v1.0.0

Labels

Clear labels

auth

Identity, authentication, OIDC, RBAC

billing

Billing, metering, and Stripe integration

day-1

Required for initial launch

epic

Top-level epic grouping related issues

future

Planned for future release

infra

Infrastructure, GitOps, K8s orchestration

licensing

License module and feature gating

networking

Network isolation, VPN, tenant separation

observability

Observability integration (cameleer3-server)

ops

Platform operations and self-monitoring

phase-1

Phase 1: Foundation + Auth

phase-2

Phase 2: Tenants + Licensing

phase-3

Phase 3: Runtime Orchestration + Environments

phase-4

Phase 4: Observability Pipeline + Inbound Routing

phase-5

Phase 5: K8s Operational Layer

phase-6

Phase 6: Billing + Metering

phase-7

Phase 7: Billing + Metering

phase-8

Phase 8: Security Hardening + Self-Monitoring

phase-9

Phase 9: Frontend (React Shell)

platform

SaaS management platform

runtime

Camel application runtime

secrets

Secrets management and vault integration

security

Security, compliance, SOC 2, audit

task

Implementation task within a phase

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

claude

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: cameleer/cameleer-saas#54