diff --git a/Readme.md b/Readme.md
index 714afbf1..604050f2 100644
--- a/Readme.md
+++ b/Readme.md
@@ -1,6 +1,6 @@
 <div align="center">
 
- [Abp Vnext Pro](https://github.com/WangJunZzz/abp-vnext-pro) 的 Vue3 实现版本 开箱即用的中后台前端/设计解决方案
+[Abp Vnext Pro](https://github.com/WangJunZzz/abp-vnext-pro) 的 Vue3 实现版本 开箱即用的中后台前端/设计解决方案
 
 <table>
     <tr>
@@ -46,7 +46,7 @@
 - [x] 单元测试
 - [x] ES 日志
 - [x] Setting 管理
-- [ ] 多租户
+- [x] 多租户
 - [ ] 组织机构
 
 ### 使用
@@ -55,9 +55,6 @@
 
   ![](https://blog-resouce.oss-cn-shenzhen.aliyuncs.com/images/abp/gui.png)
 
-  
-
-
 #### 参与贡献
 
 非常欢迎你的贡献，你可以通过以下方式和我们一起共建 :star2:：
diff --git a/aspnet-core/services/host/CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.cs b/aspnet-core/services/host/CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.cs
index d006cbf0..ba3ebb57 100644
--- a/aspnet-core/services/host/CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.cs
+++ b/aspnet-core/services/host/CompanyName.ProjectName.HttpApi.Host/ProjectNameHttpApiHostModule.cs
@@ -104,7 +104,7 @@ namespace CompanyName.ProjectName
             {
                 app.UseMultiTenancy();
             }
-
+        
             app.UseAuthorization();
 
             app.UseSwagger();
diff --git a/aspnet-core/services/host/CompanyName.ProjectName.IdentityServer/ProjectNameIdentityServerModule.cs b/aspnet-core/services/host/CompanyName.ProjectName.IdentityServer/ProjectNameIdentityServerModule.cs
index f7efa2ad..b2b48991 100644
--- a/aspnet-core/services/host/CompanyName.ProjectName.IdentityServer/ProjectNameIdentityServerModule.cs
+++ b/aspnet-core/services/host/CompanyName.ProjectName.IdentityServer/ProjectNameIdentityServerModule.cs
@@ -11,6 +11,9 @@ using CompanyName.ProjectName.EntityFrameworkCore;
 using CompanyName.ProjectName.Extensions;
 using CompanyName.ProjectName.Localization;
 using CompanyName.ProjectName.MultiTenancy;
+using IdentityServer4.Configuration;
+using IdentityServer4.Extensions;
+using IdentityServer4.Models;
 using StackExchange.Redis;
 using Volo.Abp;
 using Volo.Abp.Account;
@@ -43,7 +46,7 @@ namespace CompanyName.ProjectName
         typeof(AbpAspNetCoreMvcUiBasicThemeModule),
         typeof(ProjectNameEntityFrameworkCoreDbMigrationsModule),
         typeof(AbpAspNetCoreSerilogModule)
-        )]
+    )]
     public class ProjectNameIdentityServerModule : AbpModule
     {
         private const string DefaultCorsPolicyName = "Default";
@@ -60,7 +63,7 @@ namespace CompanyName.ProjectName
                     .AddBaseTypes(
                         typeof(AbpUiResource)
                     );
-
+                
                 options.Languages.Add(new LanguageInfo("ar", "ar", "العربية"));
                 options.Languages.Add(new LanguageInfo("cs", "cs", "Čeština"));
                 options.Languages.Add(new LanguageInfo("en", "en", "English"));
@@ -80,10 +83,7 @@ namespace CompanyName.ProjectName
             {
                 options.StyleBundles.Configure(
                     BasicThemeBundles.Styles.Global,
-                    bundle =>
-                    {
-                        bundle.AddFiles("/global-styles.css");
-                    }
+                    bundle => { bundle.AddFiles("/global-styles.css"); }
                 );
             });
 
@@ -96,7 +96,6 @@ namespace CompanyName.ProjectName
             if (hostingEnvironment.IsDevelopment())
             {
                 Configure<AbpVirtualFileSystemOptions>(options => { options.FileSets.AddEmbedded<ProjectNameIdentityServerModule>(); });
-            
             }
 
             Configure<AppUrlOptions>(options =>
@@ -108,15 +107,9 @@ namespace CompanyName.ProjectName
                 options.Applications["Angular"].Urls[AccountUrlNames.PasswordReset] = "account/reset-password";
             });
 
-            Configure<AbpBackgroundJobOptions>(options =>
-            {
-                options.IsJobExecutionEnabled = false;
-            });
+            Configure<AbpBackgroundJobOptions>(options => { options.IsJobExecutionEnabled = false; });
 
-            Configure<AbpDistributedCacheOptions>(options =>
-            {
-                options.KeyPrefix = "ProjectName:";
-            });
+            Configure<AbpDistributedCacheOptions>(options => { options.KeyPrefix = "ProjectName:"; });
 
             if (!hostingEnvironment.IsDevelopment())
             {
@@ -169,18 +162,19 @@ namespace CompanyName.ProjectName
             app.UseCors(DefaultCorsPolicyName);
             app.UseCookiePolicy();
             app.UseAuthentication();
-            
+
             if (MultiTenancyConsts.IsEnabled)
             {
                 app.UseMultiTenancy();
             }
-
+     
             app.UseUnitOfWork();
             app.UseIdentityServer();
             app.UseAuthorization();
             app.UseAuditing();
             app.UseAbpSerilogEnrichers();
             app.UseConfiguredEndpoints();
+
         }
     }
-}
+}
\ No newline at end of file
diff --git a/aspnet-core/services/src/CompanyName.ProjectName.Application.Contracts/Permissions/ProjectNamePermissionDefinitionProvider.cs b/aspnet-core/services/src/CompanyName.ProjectName.Application.Contracts/Permissions/ProjectNamePermissionDefinitionProvider.cs
index eb91a766..65b68d35 100644
--- a/aspnet-core/services/src/CompanyName.ProjectName.Application.Contracts/Permissions/ProjectNamePermissionDefinitionProvider.cs
+++ b/aspnet-core/services/src/CompanyName.ProjectName.Application.Contracts/Permissions/ProjectNamePermissionDefinitionProvider.cs
@@ -2,6 +2,7 @@
 using Volo.Abp.Authorization.Permissions;
 using Volo.Abp.Identity;
 using Volo.Abp.Localization;
+using Volo.Abp.MultiTenancy;
 
 namespace CompanyName.ProjectName.Permissions
 {
@@ -20,52 +21,56 @@ namespace CompanyName.ProjectName.Permissions
                 abpIdentityGroup.AddPermission(ProjectNamePermissions.SystemManagement.Hangfire, L("Permission:HangfireManagement"));
 
             var capManagement = abpIdentityGroup.AddPermission(ProjectNamePermissions.SystemManagement.Cap, L("Permission:CapManagement"));
-            
+
             #region IdentityServer
 
+            // multiTenancySide: MultiTenancySides.Host 只有host租户才有权限
             var identityServerManagementGroup =
-                context.AddGroup(ProjectNamePermissions.IdentityServer.IdentityServerManagement, L("Permission:IdentityServerManagement"));
+                context.AddGroup(ProjectNamePermissions.IdentityServer.IdentityServerManagement, L("Permission:IdentityServerManagement"),
+                    multiTenancySide: MultiTenancySides.Host);
 
             var clientManagment = identityServerManagementGroup.AddPermission(ProjectNamePermissions.IdentityServer.Client.Default,
-                L("Permission:IdentityServerManagement:Client"));
+                L("Permission:IdentityServerManagement:Client"),multiTenancySide: MultiTenancySides.Host);
             clientManagment.AddChild(ProjectNamePermissions.IdentityServer.Client.Create,
-                L("Permission:Create"));
+                L("Permission:Create"),multiTenancySide: MultiTenancySides.Host);
             clientManagment.AddChild(ProjectNamePermissions.IdentityServer.Client.Update,
-                L("Permission:Update"));
+                L("Permission:Update"),multiTenancySide: MultiTenancySides.Host);
             clientManagment.AddChild(ProjectNamePermissions.IdentityServer.Client.Delete,
-                L("Permission:Delete"));
+                L("Permission:Delete"),multiTenancySide: MultiTenancySides.Host);
             clientManagment.AddChild(ProjectNamePermissions.IdentityServer.Client.Enable,
-                L("Permission:Enable"));
-            
-            
-            var apiResourceManagment = identityServerManagementGroup.AddPermission(ProjectNamePermissions.IdentityServer.ApiResource.Default,
-                L("Permission:IdentityServerManagement:ApiResource"));
+                L("Permission:Enable"),multiTenancySide: MultiTenancySides.Host);
+
+
+            var apiResourceManagment = identityServerManagementGroup.AddPermission(
+                ProjectNamePermissions.IdentityServer.ApiResource.Default,
+                L("Permission:IdentityServerManagement:ApiResource"),multiTenancySide: MultiTenancySides.Host);
             apiResourceManagment.AddChild(ProjectNamePermissions.IdentityServer.ApiResource.Create,
-                L("Permission:Create"));
+                L("Permission:Create"),multiTenancySide: MultiTenancySides.Host);
             apiResourceManagment.AddChild(ProjectNamePermissions.IdentityServer.ApiResource.Update,
-                L("Permission:Update"));
+                L("Permission:Update"),multiTenancySide: MultiTenancySides.Host);
             apiResourceManagment.AddChild(ProjectNamePermissions.IdentityServer.ApiResource.Delete,
-                L("Permission:Delete"));
+                L("Permission:Delete"),multiTenancySide: MultiTenancySides.Host);
 
             var apiScopeManagment = identityServerManagementGroup.AddPermission(ProjectNamePermissions.IdentityServer.ApiScope.Default,
-                L("Permission:IdentityServerManagement:ApiScope"));
+                L("Permission:IdentityServerManagement:ApiScope"),multiTenancySide: MultiTenancySides.Host);
             apiScopeManagment.AddChild(ProjectNamePermissions.IdentityServer.ApiScope.Create,
-                L("Permission:Create"));
+                L("Permission:Create"),multiTenancySide: MultiTenancySides.Host);
             apiScopeManagment.AddChild(ProjectNamePermissions.IdentityServer.ApiScope.Update,
-                L("Permission:Update"));
+                L("Permission:Update"),multiTenancySide: MultiTenancySides.Host);
             apiScopeManagment.AddChild(ProjectNamePermissions.IdentityServer.ApiScope.Delete,
-                L("Permission:Delete"));
-            
+                L("Permission:Delete"),multiTenancySide: MultiTenancySides.Host);
 
-            var identityResourcesManagment = identityServerManagementGroup.AddPermission(ProjectNamePermissions.IdentityServer.IdentityResources.Default,
-                L("Permission:IdentityServerManagement:IdentityResources"));
+
+            var identityResourcesManagment = identityServerManagementGroup.AddPermission(
+                ProjectNamePermissions.IdentityServer.IdentityResources.Default,
+                L("Permission:IdentityServerManagement:IdentityResources"),multiTenancySide: MultiTenancySides.Host);
             identityResourcesManagment.AddChild(ProjectNamePermissions.IdentityServer.IdentityResources.Create,
-                L("Permission:Create"));
+                L("Permission:Create"),multiTenancySide: MultiTenancySides.Host);
             identityResourcesManagment.AddChild(ProjectNamePermissions.IdentityServer.IdentityResources.Update,
-                L("Permission:Update"));
+                L("Permission:Update"),multiTenancySide: MultiTenancySides.Host);
             identityResourcesManagment.AddChild(ProjectNamePermissions.IdentityServer.IdentityResources.Delete,
-                L("Permission:Delete"));
-            
+                L("Permission:Delete"),multiTenancySide: MultiTenancySides.Host);
+
             #endregion
         }
 
diff --git a/aspnet-core/services/src/CompanyName.ProjectName.Domain.Shared/ProjectNameDomainSharedModule.cs b/aspnet-core/services/src/CompanyName.ProjectName.Domain.Shared/ProjectNameDomainSharedModule.cs
index 283f66cd..17459c3c 100644
--- a/aspnet-core/services/src/CompanyName.ProjectName.Domain.Shared/ProjectNameDomainSharedModule.cs
+++ b/aspnet-core/services/src/CompanyName.ProjectName.Domain.Shared/ProjectNameDomainSharedModule.cs
@@ -45,7 +45,7 @@ namespace CompanyName.ProjectName
             Configure<AbpLocalizationOptions>(options =>
             {
                 options.Resources
-                    .Add<ProjectNameResource>("en")
+                    .Add<ProjectNameResource>("zh-Hans")
                     .AddBaseTypes(typeof(AbpValidationResource))
                     .AddVirtualJson("/Localization/ProjectName");
 
diff --git a/aspnet-core/services/src/CompanyName.ProjectName.Domain/IdentityServer/IdentityServerDataSeedContributor.cs b/aspnet-core/services/src/CompanyName.ProjectName.Domain/IdentityServer/IdentityServerDataSeedContributor.cs
index f760d8ce..774c8c2c 100644
--- a/aspnet-core/services/src/CompanyName.ProjectName.Domain/IdentityServer/IdentityServerDataSeedContributor.cs
+++ b/aspnet-core/services/src/CompanyName.ProjectName.Domain/IdentityServer/IdentityServerDataSeedContributor.cs
@@ -147,9 +147,9 @@ namespace CompanyName.ProjectName.IdentityServer
                 scopes: commonScopes,
                 grantTypes: new[] {"implicit"},
                 secret: "1q2w3E*".Sha256(),
-                redirectUri: "http://localhost:4200/oidc",
-                postLogoutRedirectUri: "http://localhost:4200/oidc,http://120.24.194.14:8012/oidc",
-                frontChannelLogoutUri: "http://localhost:4200/oidc",
+                redirectUri: "http://localhost:4200/oidcSignIn",
+                postLogoutRedirectUri: "http://localhost:4200/oidcSignOut",
+                frontChannelLogoutUri: "http://localhost:4200/oidcSignOut",
                 corsOrigins: new[] {"https://localhost:4200", "http://localhost:4200", "http://120.24.194.14:8012"},
                 requireClientSecret: false
             );
diff --git a/vben271/index.html b/vben271/index.html
index 5b99faf6..47fe929b 100644
--- a/vben271/index.html
+++ b/vben271/index.html
@@ -8,10 +8,14 @@
       name="viewport"
       content="width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=0"
     />
-
+    <meta
+      http-equiv="Content-Security-Policy"
+      content="default-src *; style-src * 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *"
+    />
     <title><%= title %></title>
     <link rel="icon" href="/favicon.ico" />
   </head>
+
   <body>
     <script>
       (() => {
diff --git a/vben271/src/api/sys/user.ts b/vben271/src/api/sys/user.ts
index c6929c3e..d62afb25 100644
--- a/vben271/src/api/sys/user.ts
+++ b/vben271/src/api/sys/user.ts
@@ -4,7 +4,6 @@ import {
   LoginResultModel,
   GetUserInfoByUserIdParams,
   GetUserInfoByUserIdModel,
-  GetUserInfoModel,
 } from './model/userModel';
 
 import { ErrorMessageMode } from '/#/axios';
@@ -87,17 +86,6 @@ export function loginApi(params: LoginParams, mode: ErrorMessageMode = 'modal')
   );
 }
 
-/**
- * @description: getUserInfo
- */
-// export function getUserInfo() {
-//   return defHttp.get<GetUserInfoModel>({ url: Api.GetUserInfo });
-// }
-
-// export function getPermCode() {
-//   return defHttp.get<string[]>({ url: Api.GetPermCode });
-// }
-
 export function doLogout() {
   return defHttp.get({ url: Api.Logout });
 }
diff --git a/vben271/src/router/routes/mainOut.ts b/vben271/src/router/routes/mainOut.ts
index 75dd1f92..bcd9661c 100644
--- a/vben271/src/router/routes/mainOut.ts
+++ b/vben271/src/router/routes/mainOut.ts
@@ -9,9 +9,18 @@ import type { AppRouteModule } from '/@/router/types';
 // http:ip:port/main-out
 export const mainOutRoutes: AppRouteModule[] = [
   {
-    path: '/oidc',
-    name: 'Oidc',
-    component: () => import('/@/views/sys/login/Oidc.vue'),
+    path: '/oidcSignIn',
+    name: 'OidcSignIn',
+    component: () => import('/@/views/sys/login/OidcSignIn.vue'),
+    meta: {
+      title: 'Oidc',
+      ignoreAuth: true,
+    },
+  },
+  {
+    path: '/oidcSignOut',
+    name: 'OidcSignOut',
+    component: () => import('/@/views/sys/login/OidcSignOut.vue'),
     meta: {
       title: 'Oidc',
       ignoreAuth: true,
diff --git a/vben271/src/settings/siteSetting.ts b/vben271/src/settings/siteSetting.ts
index b6ed2118..93cdcb9b 100644
--- a/vben271/src/settings/siteSetting.ts
+++ b/vben271/src/settings/siteSetting.ts
@@ -1,8 +1,8 @@
 // github repo url
-export const GITHUB_URL = 'https://github.com/anncwb/vue-vben-admin';
+export const GITHUB_URL = 'https://github.com/WangJunZzz/abp-vnext-pro';
 
 // vue-vben-admin-next-doc
-export const DOC_URL = 'https://vvbin.cn/doc-next/';
+export const DOC_URL = 'https://doc.cncore.club/';
 
 // site url
 export const SITE_URL = 'https://vvbin.cn/next/';
diff --git a/vben271/src/store/modules/user.ts b/vben271/src/store/modules/user.ts
index 4a35000f..e18e9e6d 100644
--- a/vben271/src/store/modules/user.ts
+++ b/vben271/src/store/modules/user.ts
@@ -13,26 +13,19 @@ import {
 } from '/@/enums/cacheEnum';
 import { getAuthCache, setAuthCache } from '/@/utils/auth';
 import { GetUserInfoByUserIdModel, LoginParams } from '/@/api/sys/model/userModel';
-import {
-  doLogout,
-  //getUserInfo,
-  //loginApi,
-  login,
-  getAbpApplicationConfiguration,
-  stsLogin,
-  stsLogout,
-} from '/@/api/sys/user';
+import { login, getAbpApplicationConfiguration, stsLogin } from '/@/api/sys/user';
 import { useI18n } from '/@/hooks/web/useI18n';
 import { useMessage } from '/@/hooks/web/useMessage';
 import { router } from '/@/router';
 import { usePermissionStore } from '/@/store/modules/permission';
-import { RouteRecordRaw } from 'vue-router';
-import { PAGE_NOT_FOUND_ROUTE } from '/@/router/routes/basic';
-import { LoginInput, AccountServiceProxy } from '/@/services/ServiceProxies';
+import { LoginInput } from '/@/services/ServiceProxies';
 import jwt_decode from 'jwt-decode';
+
+import { useOidcLogout } from '/@/views/sys/login/useLogin';
 interface UserState {
   userInfo: Nullable<UserInfo>;
   token?: string;
+  id_token?: string;
   roleList: RoleEnum[];
   sessionTimeout?: boolean;
   lastUpdateTime: number;
@@ -47,6 +40,7 @@ export const useUserStore = defineStore({
     userInfo: null,
     // token
     token: undefined,
+    id_token: undefined,
     // roleList
     roleList: [],
     // Whether the login expired
@@ -63,6 +57,7 @@ export const useUserStore = defineStore({
     getToken(): string {
       return this.token || getAuthCache<string>(TOKEN_KEY);
     },
+
     getRoleList(): RoleEnum[] {
       return this.roleList.length > 0 ? this.roleList : getAuthCache<RoleEnum[]>(ROLES_KEY);
     },
@@ -101,6 +96,7 @@ export const useUserStore = defineStore({
       this.token = info;
       setAuthCache(TOKEN_KEY, info);
     },
+
     setRoleList(roleList: RoleEnum[]) {
       this.roleList = roleList;
       setAuthCache(ROLES_KEY, roleList);
@@ -119,49 +115,12 @@ export const useUserStore = defineStore({
     },
     resetState() {
       this.userInfo = null;
-      this.token = '';
       this.roleList = [];
       this.sessionTimeout = false;
+      this.tenantId = '';
+      this.setToken(undefined);
     },
-    /**
-     * @description: login
-     */
-    // async login(
-    //   params: LoginParams & {
-    //     goHome?: boolean;
-    //     mode?: ErrorMessageMode;
-    //   }
-    // ): Promise<GetUserInfoModel | null> {
-    //   try {
-    //     const { goHome = true, mode, ...loginParams } = params;
-    //     const data = await loginApi(loginParams, mode);
-    //     const { token } = data;
 
-    //     // save token
-    //     this.setToken(token);
-    //     // get user info
-    //     const userInfo = await this.getUserInfoAction();
-
-    //     const sessionTimeout = this.sessionTimeout;
-    //     if (sessionTimeout) {
-    //       this.setSessionTimeout(false);
-    //     } else if (goHome) {
-    //       const permissionStore = usePermissionStore();
-    //       if (!permissionStore.isDynamicAddedRoute) {
-    //         const routes = await permissionStore.buildRoutesAction();
-    //         routes.forEach((route) => {
-    //           router.addRoute(route as unknown as RouteRecordRaw);
-    //         });
-    //         router.addRoute(PAGE_NOT_FOUND_ROUTE as unknown as RouteRecordRaw);
-    //         permissionStore.setDynamicAddedRoute(true);
-    //       }
-    //       await router.replace(userInfo.homePath || PageEnum.BASE_HOME);
-    //     }
-    //     return userInfo;
-    //   } catch (error) {
-    //     return Promise.reject(error);
-    //   }
-    // },
     async login(
       params: LoginParams & {
         goHome?: boolean;
@@ -181,7 +140,10 @@ export const useUserStore = defineStore({
           realName: data.name as string,
           roles: data.roles as [],
           avatar: '',
+          isSts: false,
+          idToken: '',
         });
+
         await this.getAbpApplicationConfigurationAsync();
         goHome && (await router.replace(PageEnum.BASE_HOME));
         return null;
@@ -198,7 +160,7 @@ export const useUserStore = defineStore({
       permissionStore.setPermCodeList(grantPolicy);
     },
 
-    async stsLogin(token: string) {
+    async stsLogin(token: string, id_token: string) {
       try {
         // 获取token中的租户信息
         const decoded: any = jwt_decode(token);
@@ -210,12 +172,15 @@ export const useUserStore = defineStore({
 
         const data = await stsLogin(token);
         this.setToken(data.token as string);
+
         this.setUserInfo({
           userId: decoded.sub as string,
           username: data.userName as string,
           realName: data.name as string,
           roles: data.roles as [],
           avatar: '',
+          isSts: true,
+          idToken: id_token,
         });
         await this.getAbpApplicationConfigurationAsync();
         await router.replace(PageEnum.BASE_HOME);
@@ -230,14 +195,15 @@ export const useUserStore = defineStore({
      */
     async logout(goLogin = false) {
       try {
-        await stsLogout();
-      } catch {
-        console.log('注销Token失败');
+        if (this.userInfo?.isSts) {
+          await useOidcLogout();
+        } else {
+          this.resetState();
+          goLogin && router.push(PageEnum.BASE_LOGIN);
+        }
+      } catch (ex) {
+        console.log(ex);
       }
-      this.setTenant('');
-      this.setToken('');
-      this.setSessionTimeout(false);
-      goLogin && router.push(PageEnum.BASE_LOGIN);
     },
 
     /**
diff --git a/vben271/src/views/admin/auditLog/AuditLog.ts b/vben271/src/views/admin/auditLog/AuditLog.ts
index a504ca94..d4582c99 100644
--- a/vben271/src/views/admin/auditLog/AuditLog.ts
+++ b/vben271/src/views/admin/auditLog/AuditLog.ts
@@ -35,12 +35,12 @@ export const tableColumns: BasicColumn[] = [
   {
     title: 'HttpMethod',
     dataIndex: 'httpMethod',
-    width: 100,
+    width: 150,
   },
   {
     title: 'HttpStatusCode',
     dataIndex: 'httpStatusCode',
-    width: 120,
+    width: 150,
   },
   {
     title: 'Url',
diff --git a/vben271/src/views/identityServers/apiResources/EditApiResources.vue b/vben271/src/views/identityServers/apiResources/EditApiResources.vue
index 2d86c32d..e7e50da3 100644
--- a/vben271/src/views/identityServers/apiResources/EditApiResources.vue
+++ b/vben271/src/views/identityServers/apiResources/EditApiResources.vue
@@ -18,7 +18,7 @@
             <a-row justify="center">
               <a-col :span="24">
                 <a-checkbox
-                  style="width: 150px"
+                  style="width: 200px"
                   v-for="(item, index) in apiScopes"
                   :key="index"
                   :value="item.value"
diff --git a/vben271/src/views/identityServers/clients/ClientUri.vue b/vben271/src/views/identityServers/clients/ClientUri.vue
index 7fd22708..4cc92644 100644
--- a/vben271/src/views/identityServers/clients/ClientUri.vue
+++ b/vben271/src/views/identityServers/clients/ClientUri.vue
@@ -10,7 +10,8 @@
         <a-button type="primary" @click="handleAddRedirectUri" style="margin-bottom: 10px">{{
           t('common.createText')
         }}</a-button>
-        <div v-for="item in currentClient.redirectUris">
+
+        <div v-for="item in currentClient.redirectUris" :key="item.redirectUri">
           <a-input placeholder="" style="width: 470px" :defaultValue="item.redirectUri" disabled />
           <a-button type="primary" @click="handleRemoveRedirectUri(item.redirectUri)" danger>{{
             t('common.delText')
@@ -26,7 +27,7 @@
         <a-button type="primary" @click="handleAddLogoutRedirectUri" style="margin-bottom: 10px">{{
           t('common.createText')
         }}</a-button>
-        <div v-for="item in currentClient.postLogoutRedirectUris">
+        <div v-for="item in currentClient.postLogoutRedirectUris" :key="item.postLogoutRedirectUri">
           <a-input
             placeholder=""
             style="width: 470px"
@@ -46,7 +47,7 @@
         <a-button type="primary" @click="handleAddCors" style="margin-bottom: 10px">{{
           t('common.createText')
         }}</a-button>
-        <div v-for="item in currentClient.allowedCorsOrigins">
+        <div v-for="item in currentClient.allowedCorsOrigins" :key="item.origin">
           <a-input placeholder="" style="width: 470px" :defaultValue="item.origin" disabled />
           <a-button type="primary" @click="handleRemoveCors(item.origin)" danger>{{
             t('common.delText')
@@ -77,6 +78,7 @@
     setup(_, { emit }) {
       const { t } = useI18n();
       let currentClient: PagingClientListOutput = new PagingClientListOutput();
+
       const state = reactive({
         redirectUriValue: '',
         postLogoutRedirectUriValue: '',
@@ -94,8 +96,8 @@
             uri: state.redirectUriValue,
           });
           state.redirectUriValue = '';
-          closeDrawer();
           emit('reload');
+          closeDrawer();
         }
       };
 
diff --git a/vben271/src/views/sys/login/Oidc.vue b/vben271/src/views/sys/login/OidcSignIn.vue
similarity index 90%
rename from vben271/src/views/sys/login/Oidc.vue
rename to vben271/src/views/sys/login/OidcSignIn.vue
index b9131819..07ee4281 100644
--- a/vben271/src/views/sys/login/Oidc.vue
+++ b/vben271/src/views/sys/login/OidcSignIn.vue
@@ -23,10 +23,11 @@
         compState.loading = true;
         try {
           const { currentRoute } = useRouter();
+          const id_token = currentRoute.value.fullPath.split('=')[1].split('&')[0];
           const token = currentRoute.value.fullPath.split('=')[2].split('&')[0];
-          console.log(token);
+
           if (token) {
-            await userStore.stsLogin(token);
+            await userStore.stsLogin(token, id_token);
           }
         } catch {
           message.error('登陆失败');
diff --git a/vben271/src/views/sys/login/OidcSignOut.vue b/vben271/src/views/sys/login/OidcSignOut.vue
new file mode 100644
index 00000000..3dc5af77
--- /dev/null
+++ b/vben271/src/views/sys/login/OidcSignOut.vue
@@ -0,0 +1,39 @@
+<template>
+  <Loading :loading="loading" :absolute="absolute" :tip="tip" />
+</template>
+<script lang="ts">
+  import { defineComponent, reactive, toRefs } from 'vue';
+  import { Loading } from '/@/components/Loading';
+  import { useUserStore } from '/@/store/modules/user';
+  import { router } from '/@/router';
+  import { PageEnum } from '/@/enums/pageEnum';
+  import { message } from 'ant-design-vue';
+  export default defineComponent({
+    components: { Loading },
+    setup() {
+      const compState = reactive({
+        absolute: false,
+        loading: false,
+        tip: '退出登录中',
+      });
+      const userStore = useUserStore();
+      async function openLoading(absolute: boolean) {
+        compState.absolute = absolute;
+        compState.loading = true;
+        try {
+          userStore.resetState();
+        } catch {
+          message.error('退出登录中失败');
+        } finally {
+          compState.loading = false;
+          router.replace(PageEnum.BASE_LOGIN);
+        }
+      }
+      openLoading(true);
+
+      return {
+        ...toRefs(compState),
+      };
+    },
+  });
+</script>
diff --git a/vben271/src/views/sys/login/OidcSingOut.vue b/vben271/src/views/sys/login/OidcSingOut.vue
deleted file mode 100644
index e69de29b..00000000
diff --git a/vben271/src/views/sys/login/SessionTimeoutLogin.vue b/vben271/src/views/sys/login/SessionTimeoutLogin.vue
index d1a2f34e..871afc3f 100644
--- a/vben271/src/views/sys/login/SessionTimeoutLogin.vue
+++ b/vben271/src/views/sys/login/SessionTimeoutLogin.vue
@@ -27,7 +27,6 @@
   onMounted(() => {
     // 记录当前的UserId
     userId.value = userStore.getUserInfo?.userId;
-    console.log('Mounted', userStore.getUserInfo);
   });
 
   onBeforeUnmount(() => {
diff --git a/vben271/src/views/sys/login/useLogin.ts b/vben271/src/views/sys/login/useLogin.ts
index 95457d6f..8c1e20fe 100644
--- a/vben271/src/views/sys/login/useLogin.ts
+++ b/vben271/src/views/sys/login/useLogin.ts
@@ -3,6 +3,7 @@ import type { RuleObject } from 'ant-design-vue/lib/form/interface';
 import { ref, computed, unref, Ref } from 'vue';
 import { useI18n } from '/@/hooks/web/useI18n';
 import Oidc from 'oidc-client';
+import { useUserStore } from '/@/store/modules/user';
 export enum LoginStateEnum {
   LOGIN,
   REGISTER,
@@ -115,25 +116,36 @@ export function useFormRules(formData?: Recordable) {
   return { getFormRules };
 }
 
-export function useOidcLogin() {
+function getOidcSettings() {
   const { protocol, hostname, port } = window.location;
   let currentHost = `${protocol}//${hostname}${port ? `:${port}` : ''}`;
   const settings: any = {
     authority: import.meta.env.VITE_AUTH_URL,
     client_id: 'Vue3',
-    redirect_uri: currentHost + '/oidc',
-    post_logout_redirect_uri: import.meta.env.VITE_AUTH_URL + 'signOut',
+    redirect_uri: currentHost + '/oidcSignIn',
+    post_logout_redirect_uri: currentHost + '/oidcSignOut',
     response_type: `id_token token`,
     scope: 'openid email profile',
     //silent_redirect_uri: currentHost + '/oidc-silent-renew',
     automaticSilentRenew: true, // If true oidc-client will try to renew your token when it is about to expire
     automaticSilentSignin: true, // If true vuex-oidc will try to silently signin unauthenticated users on public routes. Defaults to true
   };
+  return settings;
+}
 
+export function useOidcLogin() {
+  const settings = getOidcSettings();
   const mgr = new Oidc.UserManager(settings);
   mgr.signinRedirect();
 }
 
+export async function useOidcLogout() {
+  const settings = getOidcSettings();
+  const mgr = new Oidc.UserManager(settings);
+  const userStore = useUserStore();
+  await mgr.signoutRedirect({ id_token_hint: userStore.userInfo?.idToken });
+}
+
 function createRule(message: string) {
   return [
     {
diff --git a/vben271/types/store.d.ts b/vben271/types/store.d.ts
index 36a6025f..398a7bf2 100644
--- a/vben271/types/store.d.ts
+++ b/vben271/types/store.d.ts
@@ -38,6 +38,8 @@ export interface UserInfo {
   desc?: string;
   homePath?: string;
   roles: RoleInfo[];
+  isSts: boolean; // 是否通过IdentityServer4登录
+  idToken: string;
 }
 
 export interface BeforeMiniState {