We are using multipass to seamlessly log customer into our shopify store after they login to our home-grown front-end. Works great!
Question - how do I log customer out of both sides of this equation? I see no references to logout at all.
Also - how long does a customer stay logged in on shopify? Is there a session timeout and can we control it?
Appreciate any help.
I have the exact same question. Seems like an issue if a user is on a shared device and intends to terminate their session - someone could gain access to the same device and view account details, purchase history, etc. Perhaps I'm missing something but I definitely think there's a real vector here.
Been looking into this for a headless project recently.
The approach we were going to take was on logout on our headless site, bounce someone via `store.myshopify.com/account/logout`.
We have a JS redirect on that site which would bring them back to the headless site after the logout.
Does this make sense to others?