We have a custom portal where our users login. The entire login process is the Authorization grant flow and once Logged in, the browser has the session stored for Zendesk and I have the Auth Token to make API calls. However, once the user logs out from the custom portal, we revoke the Auth token, but the browser sessions are still valid and they can still access their logged in Zendesk.
1. How do I logout the local session also of the user when I click on the Logout option on the custom portal?
2. I've also tried pulling the Active sessions from the API, but It gives me all the active sessions. It becomes really difficult to find the current session that has to be deleted from all the list of active sessions. I don't want to logout the user of a wrong session.
Currently I'm using the Logout URL ( company.zendesk.com/access/logout ) to Logout user. I open this link in a new tab to clear the session. But I don't think this is the best possible way.
Is there a proper way to logout users? Deleting the sessions looks the most promising way but when I have multiple sessions active, and I have to only delete a single (the current session) one, It becomes difficult to decide which one is the current local session.
Cette publication n’accepte pas de commentaire.