#OpenID Frontchannel logout

Hello,

I would like some help regarding the OpenID Frontchannel Logout URL.
I have a provider setup, but for the session to be removed, I want a frontchannel URL setup.

Now the following things get sent to a frontchannel uri: iss & sid. Which is what and how do I properly delete the session from Appwrite?

maybe that info is in the provider access token on the identity in appwrite?

that means i have to loop every session that exists in appwrite to find the SID in the access tokens

🤔

because SID does exist in the access token and refresh token, but there is no way to make a sort of search query :/

no get the identity

in the example it says "email" 🤔

https://appwrite.io/docs/references/cloud/server-nodejs/users#listIdentities

huh?

That's what the examples say in all the session/identity for the "provider" field

Oooh wait

did you mean the SID is the Identity ID?

the provider will be whatever oauth it is. try the API call to see.

the access token from the identity might be a JWT that incldues iss and sid

OpenID supports a "Logout Frontchannel URI", it's basically an iframe with only a GET, since it's an iframe.

There's the following issue:
The provider only sends "SID" and sometimes "ISS" (not useful), the SID is in each refresh and access token, but how am I supposed to find this "SID" from any user?

Let's say the user is not signed into the website and it's a mobile only app. The frontchannel is not an issue, it's basically just knowing "who am i logging out, and what session?"

So do I just search the providerAccessToken?

like a contains?

have you gotten the access token yet? can you see what it looks like?

I haven't

try it