Blank Page After Logout with Custom Auth0 Setup

Support
1

I have…

  • Read the following guideline: Troubleshooting and Support | Squidex. I understand that my support request might get deleted if I do not follow the guideline.
  • Used code blocks with ``` to format my code examples like JSON or logs properly.

I’m submitting a…

  • Regression (a behavior that stopped working in a new release)
  • Bug report
  • Performance issue
  • Documentation issue or request

Current behavior

I’ve set up custom authentication using Auth0 with the following environment variables:

IDENTITY__OIDCAUTHORITY=https://<>.eu.auth0.com/
IDENTITY__OIDCGETCLAIMSFROMUSERINFOENDPOINT=true
IDENTITY__OIDCNAME=Auth0
IDENTITY__OIDCRESPONSETYPE=code
IDENTITY__OIDCSCOPES=...
IDENTITY__OIDCCLIENT=...
IDENTITY__OIDCSECRET=...
IDENTITY__OIDCONSIGNOUTREDIRECTURL=https://<endpoint>/signout-callback-oidc

Login is working correctly. However, after logout, I get redirected to a blank page. I expected it to redirect properly and show a confirmation or redirect to the login page.

Expected behavior

After logout, the user should be redirected cleanly to a post-logout page (e.g., login page or a confirmation page), not to a blank screen.

Minimal reproduction of the problem

Set up Squidex with Auth0 using the above environment variables. Initiate logout from the app.

Environment

App Name:

  • Self hosted with docker
  • Self hosted with IIS
  • Self hosted with other version
  • Cloud version

Version: 7.18.0

Browser:

  • Chrome (desktop)
  • Chrome (Android)
  • Chrome (iOS)
  • Firefox
  • Safari (desktop)
  • Safari (iOS)
  • IE
  • Edge

Others:
I suspect the issue might be related to the IDENTITY__OIDCONSIGNOUTREDIRECTURL. Could you confirm if /signout-callback-oidc is the correct endpoint or if additional configuration is required?

2

Squidex does not need a signout callback url. The setting is meant for scenarios where you need a custom signout url, but then you need to redirect back to Squidex if needed.

3

Thanks for the quick reply!

I fixed it by setting IDENTITY__OIDCONSIGNOUTREDIRECTURL to https://<endpoint>/login and keeping IDENTITY__OIDCSINGOUTREDIRECTURL as null (default value).

If I don’t set a sign-out callback URL in the UI, I hit an error page, and I can see the error in the logs too.

{
  "logLevel": "Error",
  "message": "An unhandled exception has occurred while executing the request.",
  "eventId": {
    "id": 1,
    "name": "UnhandledException"
  },
  "timestamp": "2025-04-24T08:55:21Z",
  "app": {
    "name": "Squidex",
    "version": "7.18.0.0",
    "sessionId": "2e55bbe0-618f-4db8-b0b0-79c48940356e"
  },
  "web": {
    "requestId": "00-897598e8cd96210a54092b8e8afd0989-9ada5deb00105961-01",
    "requestPath": "/identity-server/connect/logout",
    "requestMethod": "GET"
  },
  "category": "Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware",
  "exception": {
    "type": "System.InvalidOperationException",
    "message": "Cannot redirect to the end session endpoint, the configuration may be missing or invalid.",
    "stackTrace": "   at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.SignOutAsync(AuthenticationProperties properties)\n   at Microsoft.AspNetCore.Authentication.AuthenticationService.SignOutAsync(HttpContext context, String scheme, AuthenticationProperties properties)\n   at Microsoft.AspNetCore.Mvc.SignOutResult.ExecuteAsync(HttpContext httpContext)\n   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeResultAsync>g__Logged|22_0(ResourceInvoker invoker, IActionResult result)\n   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResultFilterAsync>g__Awaited|30_0[TFilter,TFilterAsync](ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)\n   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResultExecutedContextSealed context)\n   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.ResultNext[TFilter,TFilterAsync](State& next, Scope& scope, Object& state, Boolean& isCompleted)\n   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeResultFilters>g__Awaited|28_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)\n   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResourceFilter>g__Awaited|25_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)\n   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context)\n   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)\n   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeFilterPipelineAsync>g__Awaited|20_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)\n   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)\n   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)\n   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)\n   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)\n   at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddlewareImpl.<Invoke>g__Awaited|10_0(ExceptionHandlerMiddlewareImpl middleware, HttpContext context, Task task)"
  }
}```