I am writing an Android app using Auth0 authentication. I use the universal login to allow the user to log in. However, the issue is that once a user has logged in, I can't seem to find a way to log out. If I used the CredentialsManager.clearCredentials() option, then the universal login still auto-logs me in. Is there a way to tell the universal login to "force" a login?
WebAuthProvider.init(account)
.withScope("openid profile email")
.withScheme("android")
.start(this, new AuthCallback() {
You can force the user to login again by passing login as value for prompt to /authorize. You can do this with withParameters(). Source code.
Authentication API is OIDC compliant so you can take a look at the documentation for prompt here.
EDIT:
To truely logout the user by removing the session at Auth0 as well, is to redirect user to the logout endpoint https://YOUR_DOMAIN/v2/logout. In browsers and Javascript, this would be the equivalent of window.location.url = https://YOUR_DOMAIN/v2/logout