Hi,
I’m trying to make sure that the .AspNetCore.Identity.Application cookie gets invalidated on Umbraco frontend member logout.
I’m using IMemberSignInManager.SignOutAsync() to sign out a member on click of logout button. This method updates the security stamp which I could verify in the database as well. Also, I could verify that the security stamp is part of the user’s identity claims. However, this is not invalidating the cookie. When I use the same cookie which got generated on login after I logout in a postman call to the application, I can still access the content which is accessible only to logged in users.
Any help on this is greatly appreciated. Thanks!
This is a companion discussion topic for the original entry at https://our.umbraco.com/forum/113515-umbraco-member-logout-doesnt-invalidate-the-cookie