Logging out of an SFAuthenticationSession

I'm currently building an app using OAuth for authentication. Due to recent changes in the iOS 11 API I'd like to use the new SFAuthenticationSession to achieve this. The app already worked with the old SFSafariViewController and the switch to being able to log in with SFAuthenticationSession was very easy, so all is good until here.

But, this might be a stupid question: how do I log out? Invalidating the tokens is the easy part. But how do I clear the cookie on the login page? The way things are now I invalidate the tokens, reopen the SFAuthenticationSession, the login view pops up, it recognizes the cookie and logs the user in. Auth tokens are regenerated and we're back where we started.

So how do I clear the cookies?

Thanks in advance

(Also it wasn't clear in which board to post this. Sorry if I'm wrong here.)


Hmm, if noone knows the answer, can someone point me to someone else who could? 😕

Hi Jan,

I also have 100% the same problem but also no solution. I also found out that as a workaround, you can use the SFAuthenticationSession to sign out.
But this is confusing to the end-user.

We need to get the cookies deleted.
I hope we get an answer.

Hi Skor,

yes, I tested this option last week and got to the same conclusion as you. It works technically, but having an altert view popping up asking to log in when opening the logout page.. no. That's not an option.

I also opened a suggestion with Apple's BugReport tool a week ago, but I haven't gotten a reply yet. My StackOverflow post on this topic got a few upvotes last week, so interest in this issue is growing slowly. Hope this can be sorted out soon..

Any reply so far Jan.

Same boat here. We definitely need a way to clear cookies. I thought that maybe popping up a new SFSafariViewController at a logout page would work, but it doesnt.

I have the same issue. Did you ever solve this?

I’m running into the same issue. Has anyone found a workaround for this?

I am using OpenId.AppAuth library to perfrom the OpenId authentication against OKTA for my Mobile application.

While setting up the Login part was really easy by showing the SFAuthenticationSession prompt and redirecting to OKTA.

I'm stuck up with the Logout though. I have tried to Delete all the cookies for my okta IDP url, however it looks like the user is stuck at login.

Is there any solution to resolve this or a workaround?