Français

How to logout uses when they've logged in on a custom portal

Répondu
Groffer Anderson

We have a custom portal where our users login. The entire login process is the Authorization grant flow and once Logged in, the browser has the session stored for Zendesk and I have the Auth Token to make API calls. However, once the user logs out from the custom portal, we revoke the Auth token, but the browser sessions are still valid and they can still access their logged in Zendesk. 

Question:

1. How do I logout the local session also of the user when I click on the Logout option on the custom portal?

2. I've also tried pulling the Active sessions from the API, but It gives me all the active sessions. It becomes really difficult to find the current session that has to be deleted from all the list of active sessions. I don't want to logout the user of a wrong session.

Additional Details: 

Currently I'm using the Logout URL ( company.zendesk.com/access/logout ) to Logout user. I open this link in a new tab to clear the session.  But I don't think this is the best possible way. 

Is there a proper way to logout users? Deleting the sessions looks the most promising way but when I have multiple sessions active, and I have to only delete a single (the current session) one, It becomes difficult to decide which one is the current local session. 

References: 
1. Zendesk Sessions API
2. Zendesk Logout URL

3 Commentaires

  • Dwight Bussman
    Zendesk Customer Care

    HeyO Raghav,

    We also have a Sessions API endpoint documented here that would allow you to terminate the currently-authenticated session. If that doesn't help to do what you're looking for, I suspect that the method you're already using of directing folks to that access/logout URL is the best way to accomplish this.

    Dwight B. | Customer Advocate

    0
  • Groffer Anderson

    Thanks @...
    So, The API does support deleting a session if I have a session_Id. Is there anyway to get the session_id when I login on the Zendesk console using the OAuth Grant? Or do we have a case where I can fetch the current session of zendesk, If I've used OAuth Grant flow? 
    If i won't have the session Id, I'll have to delete all the running sessions of the user, which does not seem to be the best option. 

    0
  • Dwight Bussman
    Zendesk Customer Care

    HeyO @...

    Does this endpoint get you the session info you're after? https://developer.zendesk.com/rest_api/docs/support/sessions#show-the-currently-authenticated-session 

    0

Cette publication n’accepte pas de commentaire.

Ce n’est pas ce que vous cherchez ?

Nouvelle publication
Réalisé par Zendesk