Configuring Post-Logout Redirect URI in Blazor Applications with OpenIddict

How can you redirect a user to the homepage after logout rather then the "You have been logged out" page? Let's find out!

Feb 10, 2025

OpenIddict module provides authentication features like single sign-on, single log-out, and API access control. While it comes pre-installed in ABP applications, the default post-logout redirect URI (/authentication/logout-callback) shows a generic logout page:

The default post logout redirect page is part of the built-in authentication of ASP.NET Core. For more information about customizing authentication UI, see the ASP.NET Core Blazor WebAssembly additional security scenarios documentation.

Let's modify this to redirect users to a more useful page after logout.

Quick Solution

Update OpenIddictDataSeedContributor with your desired redirect URL
Run DbMigrator to apply changes
Configure the Blazor client to match the new URL

Detailed Implementation

1. Updating OpenIddictDataSeedContributor

Find OpenIddictDataSeedContributor in your domain project (typically *.Domain for layered applications). Look for the CreateApplicationsAsync method:

        
  public class OpenIddictDataSeedContributor : IDataSeedContributor, ITransientDependency
{
    //...
    
    [UnitOfWork]
    public virtual async Task SeedAsync(DataSeedContext context)
    {
        await CreateScopesAsync();
        await CreateApplicationsAsync();
    }

    private async Task CreateApplicationsAsync()
    {
        var commonScopes = new List<string> {
            OpenIddictConstants.Permissions.Scopes.Address,
            OpenIddictConstants.Permissions.Scopes.Email,
            OpenIddictConstants.Permissions.Scopes.Phone,
            OpenIddictConstants.Permissions.Scopes.Profile,
            OpenIddictConstants.Permissions.Scopes.Roles,
            "AbpSolution5"
        };

        var configurationSection = _configuration.GetSection("OpenIddict:Applications");

        // Blazor Client
        var blazorClientId = configurationSection["AbpSolution5_Blazor:ClientId"];
        if (!blazorClientId.IsNullOrWhiteSpace())
        {
            var blazorRootUrl = configurationSection["AbpSolution5_Blazor:RootUrl"]?.TrimEnd('/');

            await CreateApplicationAsync(
                applicationType: OpenIddictConstants.ApplicationTypes.Web,
                name: blazorClientId!,
                type: OpenIddictConstants.ClientTypes.Public,
                consentType: OpenIddictConstants.ConsentTypes.Implicit,
                displayName: "Blazor Application",
                secret: null,
                grantTypes: new List<string> {
                    OpenIddictConstants.GrantTypes.AuthorizationCode,
                    OpenIddictConstants.GrantTypes.RefreshToken,
                },
                scopes: commonScopes,
                redirectUri: $"{blazorRootUrl}/authentication/login-callback",
                postLogoutRedirectUri: $"{blazorRootUrl}/authentication/logout-callback",
                clientUri: blazorRootUrl,
                logoUri: "/images/clients/blazor.svg"
            );
        }

        //...
    }
}

view raw OpenIddictDataSeedContributor.cs hosted with ❤ by GitHub

Change the postLogoutRedirectUri to your desired location. Common options include:

// Redirects to the home page
postLogoutRedirectUri: $"{blazorRootUrl}",

// Redirects to the login page
postLogoutRedirectUri: $"{blazorRootUrl}/authentication/login",

// Redirects to a custom page
postLogoutRedirectUri: $"{blazorRootUrl}/custom-logout",

2. Update Database

Run the DbMigrator project to apply your changes:

cd src/YourProject.DbMigrator
dotnet run

3. Configure Blazor Client

Find your Blazor module class (usually *BlazorClientModule.cs) and update the ConfigureAuthentication method:

        
  private static void ConfigureAuthentication(WebAssemblyHostBuilder builder)
{
    builder.Services.AddOidcAuthentication(options =>
    {
        builder.Configuration.Bind("AuthServer", options.ProviderOptions);
        options.UserOptions.NameClaim = OpenIddictConstants.Claims.Name;
        options.UserOptions.RoleClaim = OpenIddictConstants.Claims.Role;

        options.ProviderOptions.DefaultScopes.Add("AbpSolution5");
        options.ProviderOptions.DefaultScopes.Add("roles");
        options.ProviderOptions.DefaultScopes.Add("email");
        options.ProviderOptions.DefaultScopes.Add("phone");
    });
}

view raw BlazorClientModule.cs hosted with ❤ by GitHub

Add the following line to specify your desired post-logout redirect URI:

options.ProviderOptions.PostLogoutRedirectUri = "{your-desired-page}";

That's it. Now, when you logout, the Blazor application will redirect to the page you specified, and since you have configured the Blazor application definition's post-logout redirect URI to the same page, it will work as expected.

Troubleshooting

If redirection doesn't work, check that both URIs match exactly (including trailing slashes)
Verify DbMigrator ran successfully
Clear browser cookies if testing changes
Check the browser console for any OIDC-related errors

Summary

By updating both the OpenIddict configuration and Blazor client settings, you can customize where users land after logging out. This creates a better user experience than the default logout page.

I hope you found this article useful. Thank you for reading :)

Engincan Veske

Discussion about this post