Authorize URI for Different Users, Same Browser

Question

question

vanillasoft-. asked · Jul 22, 2016 at 07:29 PM

Authorize URI for Different Users, Same Browser

I have integrated the RingCentral 3-legged OAuth flow in my application, but I am facing a problem. I am using the Official C# SDK.

1. UserA is asked to enter his credentials in a RingCentral branded pop-up window.
2. UserA is asked to Authorize the application.
3. UserA is authenticated.

4. When user logs out of my application, I call Platform.Logout().

5. UserB logs into my application, and initiate the Authorization flow, instead of going to step1 above, my user is taken to step2.

If I realize step 5 using a different browser, the user goes to step1 as expected.

How can I "reset" that RingCentral authorization window, so it always ask for login/username ??

Thank you.

topic-default

1 |1000 characters needed characters left characters exceeded

Attachments: Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Answer 1 · 2016-07-22T20:10:27Z

anton-nikitin answered · Jul 22, 2016 at 08:10 PM

You can try to delete browser cookies for *. ringcentral.com. It should help.
Can you do it programmatically after you call Logout?

Anton

Share

1 |1000 characters needed characters left characters exceeded

Attachments: Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Answer 2 · 2016-07-25T12:57:59Z

vanillasoft-. answered · Jul 25, 2016 at 12:57 PM

Hi.

I don't think it is possible to delete cookies for a different domain.

Share

1 |1000 characters needed characters left characters exceeded

Attachments: Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Answer 3 · 2016-07-25T16:14:06Z

benjamin-dean answered · Jul 25, 2016 at 04:14 PM

Are you destroying the session upon logout?

Share

1 |1000 characters needed characters left characters exceeded

Attachments: Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Answer 4 · 2018-01-04T17:52:36Z

shawn answered · Jan 04, 2018 at 05:52 PM

Is there any update on this? It doesn't look like it's possible to clear cookies for a different domain as they said. BTW, this is the same issue as this: RingCentral 3-Legged OAuth Does Not Prompt For Login Every Time -- and there's no solution there yet either

Share

1 |1000 characters needed characters left characters exceeded

Attachments: Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Answer 5 · 2018-01-04T21:51:48Z

anton-nikitin answered · Jan 04, 2018 at 09:51 PM

Shawn, there are the following options to solve this I assume.

To have an API which forces logout if there is an authenticated session so that next oauth/authorize call will show credentials prompt
To have a parameter in oauth/authorize call to force it showing credentials prompt regardless of authenticated session presence
To have UI option to confirm or logout current user as a part of regular oauth/authorize flow

Can you advise if you are looking for particular option or any of them will satisfy your needs?

Share

1 |1000 characters needed characters left characters exceeded

Attachments: Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Answer 6 · 2018-07-18T20:32:28Z

matt-spinks answered · Jul 18, 2018 at 08:32 PM

I'm trying to find a solution for the same issue. Any one of these options would do. Have any of these been implemented?

3 Share

1 |1000 characters needed characters left characters exceeded

Attachments: Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

anton-nikitin · Jul 18, 2018 at 10:51 PM

We are working on implementation to support such scenarios in a standard way. In the mean time try to use the following undocumented hack: add "force=true" parameter in query string when you call OAuth authorize. It will force logon screen to be shown every time.

0 · ·

matt-spinks · Jul 19, 2018 at 12:52 AM

Thanks! I'll give it a shot.

0 · ·

matt-spinks · Jul 19, 2018 at 06:35 PM

Using "force=true" in my param query did the trick. Thanks!

1 · ·

question