diff --git a/config/clusters/earthscope/common.values.yaml b/config/clusters/earthscope/common.values.yaml
index 9894867279..3cc66f3c2f 100644
--- a/config/clusters/earthscope/common.values.yaml
+++ b/config/clusters/earthscope/common.values.yaml
@@ -36,7 +36,8 @@ basehub:
       extraConfig:
         001-username-claim: |
           from oauthenticator.auth0 import Auth0OAuthenticator
-          from traitlets import List, Unicode
+          from traitlets import List, Unicode, default
+          from urllib.parse import urlencode
 
           class CustomAuth0OAuthenticator(Auth0OAuthenticator):
             # required_scopes functionality comes in from https://github.com/jupyterhub/oauthenticator/pull/719
@@ -59,6 +60,28 @@ basehub:
                 """,
             )
 
+            # Upstreamed at https://github.com/jupyterhub/oauthenticator/pull/722
+            logout_redirect_to_url = Unicode(
+                config=True,
+                help="""
+                Redirect to this URL after the user is logged out.
+
+                Must be explicitly added to the "Allowed Logout URLs" in the configuration
+                for this Auth0 application. See https://auth0.com/docs/authenticate/login/logout/redirect-users-after-logout
+                for more information.
+                """
+            )
+
+            @default("logout_redirect_url")
+            def _logout_redirect_url_default(self):
+                url = f"https://{self.auth0_domain}/v2/logout"
+                if self.logout_redirect_to_url:
+                    # If a redirectTo is set, we must also include the `client_id`
+                    # Auth0 expects `client_id` to be snake cased while `redirectTo` is camel cased
+                    params = urlencode({"client_id": self.client_id, "redirectTo": self.logout_redirect_to_url})
+                    url = f"{url}?{params}"
+                return url
+
             async def authenticate(self, *args, **kwargs):
               auth_model = await super().authenticate(*args, **kwargs)
               username = auth_model["name"]
diff --git a/config/clusters/earthscope/prod.values.yaml b/config/clusters/earthscope/prod.values.yaml
index e8e7aeee13..1bba5920c2 100644
--- a/config/clusters/earthscope/prod.values.yaml
+++ b/config/clusters/earthscope/prod.values.yaml
@@ -12,6 +12,8 @@ basehub:
             name: "EarthScope"
     hub:
       config:
+        CustomAuth0OAuthenticator:
+          logout_redirect_to_url: https://earthscope.2i2c.cloud
         Auth0OAuthenticator:
           auth0_domain: login.earthscope.org
           extra_authorize_params:
diff --git a/config/clusters/earthscope/staging.values.yaml b/config/clusters/earthscope/staging.values.yaml
index 4f2a7d6049..728745a671 100644
--- a/config/clusters/earthscope/staging.values.yaml
+++ b/config/clusters/earthscope/staging.values.yaml
@@ -12,6 +12,8 @@ basehub:
             name: "EarthScope staging"
     hub:
       config:
+        CustomAuth0OAuthenticator:
+          logout_redirect_to_url: https://staging.earthscope.2i2c.cloud
         Auth0OAuthenticator:
           auth0_domain: login-dev.earthscope.org
           extra_authorize_params: