In a standard OIDC flow, the user's journey during logout looks like this:
This article explains the technical reasons behind a "signout-oidc" file download and how to resolve the underlying configuration issues. Understanding the "signout-oidc" Download Issue signout-oidc download
The application may be sending the user to a path that isn't properly registered in the web server's routing table. Instead of rendering a "Logged Out" page, the server might send back a raw data stream that the browser downloads. In a standard OIDC flow, the user's journey
In some code setups, developers call SignOutAsync twice—once for the local application and once for the IdP. If the second call doesn't have a valid landing page to redirect to, the browser may hang or trigger a download of the last response. The Role of signout-callback-oidc Why is the File Downloading
This typically occurs in environments using identity providers like , Auth0 , or Azure AD , where the browser is redirected to a logout endpoint that fails to return a proper webpage, causing the browser to treat the server's response as a downloadable file instead. Why is the File Downloading?
The signout-oidc path is a default endpoint used by OIDC client libraries (like those in ASP.NET Core) to handle the callback after a user logs out from a central Identity Provider (IdP). The download happens for three main reasons:
If the server returns a response (like an empty success status) but doesn't specify it as text/html , browsers like Chrome or Safari may assume it is a binary file and download it.