Any idea why a simple logout request isn't working? No errors, it just doesn't logout the current user. This is a simple c# controller that inherits from ControllerBase. // /MyEditBar/logout/ public IActionResult Logout() { var context = _httpContextAccessor.HttpContext; if (context != null) { var cookieOptions = _cookieOptionsSnapshot.Get(Umbraco.Cms.Core.Constants.Security.BackOfficeAuthenticationType); var backOfficeCookie = context.Request.Cookies[cookieOptions.Cookie.Name!]; var unprotected = cookieOptions.TicketDataFormat.Unprotect(backOfficeCookie!); var currentUser = unprotected?.Principal.GetUmbracoIdentity() ?? new ClaimsIdentity(); if (currentUser?.IsAuthenticated == true) { var userId = currentUser.GetUserId(); _userService.ClearLoginSessions(userId); return Content("Success"); } } return Content("Not Logged In"); }

You can't do it like that, we mainly don't use cookies in v14+ 🙂 https://kjac.dev/posts/using-umb_ucontext-with-umbraco-14-plus/

to update, I couldn't get this to work, but I was able to get around it by ajaxing the logout url on logout button click. ex. https://localhost:44366/umbraco/management/api/v1/security/back-office/signout?post_logout_redirect_uri=https%3A%2F%2Flocalhost%3A44366%2Fumbraco%2Flogout

Why are you manually signing people out of the backoffice?

The idea was to log people out of the backoffice from the front end of the website, if they are currently logged in.

Yes, got that.. but why 😅

we are experimenting with a conditional edit bar on the front end of the website if a backoffice user is logged in. This saves the editor from trying to locate the page to edit in the backoffice, they can just go to the page and click the edit button. This works well, but we also wanted to add a logout button to the bar.

Ah, pretty cool use case! Well, my only advise would be to figure out what code gets triggered when you tap logout in the backoffice (I actually have no idea, but I suspect it's doing some kind of OpenIddict thing).

Actually ajaxing the url didn't do a total logout, I had to just send the user directly to that url, and it does log the user out.

Note that you might have some issues in Umbraco Cloud as it uses an identity provider, if you're planning on distributing this edit bar as a package, you'd need to be aware of alternate login providers as well 🙂