Closed
Description
Describe the task
Asgardeo console, my account and sample web applications send a GET request to the oidc/logout endpoint of the server to initiate logout. With this request, the id_token_hint query parameter is sent, which contains the previously issued ID token. Since query parameters get logged in log analytics workspaces, it's not ideal to send the ID token as a query parameter, since it may contain PII.
With the epic linked below, the oidc/logout endpoint is improved to support an additional parameter: client_id. This will eliminate the risk of potentially exposing PII. So this task is created to track the progress of updating the above-mentioned applications to send client_id in the logout request instead of id_token_hint.
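The change described above, as an added example that is not code from the Asgardeo applications: a logout URL built with client_id, and an audit helper that lists which claim names a logged id_token_hint would have exposed. The host name, client ID, redirect URI, helper names and sample token are constructed assumptions; the parameter names follow OpenID Connect RP-Initiated Logout.

```javascript
// Added example. Host, client ID, redirect URI and token are constructed values.
const LOGOUT_ENDPOINT = "https://idp.example.com/oidc/logout"; // hypothetical host

// Build the logout request with client_id so no ID token appears in the URL.
function buildLogoutUrl(clientId, postLogoutRedirectUri, state) {
  const url = new URL(LOGOUT_ENDPOINT);
  url.searchParams.set("client_id", clientId);
  if (postLogoutRedirectUri) {
    url.searchParams.set("post_logout_redirect_uri", postLogoutRedirectUri);
  }
  if (state) url.searchParams.set("state", state);
  return url.toString();
}

// Audit helper: for a request URL as it would appear in an access log,
// return the sorted claim names carried by id_token_hint (empty if absent).
function claimsExposedInLoggedUrl(loggedUrl) {
  const hint = new URL(loggedUrl).searchParams.get("id_token_hint");
  if (!hint) return [];
  const parts = hint.split(".");
  if (parts.length !== 3) return ["<unparseable id_token_hint>"];
  try {
    // A JWT payload is base64url-encoded JSON; anyone with log access can read it.
    const json = Buffer.from(parts[1], "base64url").toString("utf8");
    return Object.keys(JSON.parse(json)).sort();
  } catch {
    return ["<unparseable id_token_hint>"];
  }
}

// Constructed sample token: real header/payload encoding, placeholder signature.
function makeSampleIdToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");
  return `${enc({ alg: "RS256", typ: "JWT" })}.${enc(claims)}.constructed-signature`;
}

const sampleToken = makeSampleIdToken({
  sub: "user-123", email: "alice@example.com", given_name: "Alice",
});
const legacyUrl = `${LOGOUT_ENDPOINT}?id_token_hint=${sampleToken}`;
const updatedUrl = buildLogoutUrl(
  "sample-client-id", "https://app.example.com/login", "xyz");

console.log("legacy request exposes:", claimsExposedInLoggedUrl(legacyUrl));
console.log("updated request exposes:", claimsExposedInLoggedUrl(updatedUrl));
```

The same helper can be run over existing access-log entries to find which stored requests still carry an ID token.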