A web app that calls web APIs: Remove accounts from the token cache on global sign-out
You learned how to add sign-in to your web app in Web app that signs in users: Sign-in and sign-out.
Sign-out is different for a web app that calls web apis. When the user signs out from your application, or from any application, you must remove the tokens associated with that user from the token cache.
To clear the token-cache entry associated with the account that signed out, your application can intercept the after logout event. Web apps store access tokens for each user in a token cache. By intercepting the after logout callback, your web application can remove the user from the cache.
The Node sample doesn't remove accounts from the cache on global sign-out.
Move on to the next article in this scenario, Acquire a token for the web app.