In a Blazor SSR web app, I have configured the OIDC authentication and the RemoteSignOutPath has been set.
builder.Services .AddAuthentication(options => { options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme; options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme; }) .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme, options => { // ... }) .AddOpenIdConnect(options => { options.RemoteSignOutPath = "/oidc-remote-logout"; // ... });According to OpenID Connect Back-Channel Logout spec, I need to post a logout token to this endpoint. When I do, I get 400 Bad Request response:
A valid antiforgery token was not provided with the request. Add anantiforgery token, or disable antiforgery validation for thisendpoint.
How can I solve this issue?
Does the framework handle this endpoint and its token validation by itself or do I have to implement it?