diff --git a/src/contexts/AuthContext.jsx b/src/contexts/AuthContext.jsx
index df990c7..e95e325 100644
--- a/src/contexts/AuthContext.jsx
+++ b/src/contexts/AuthContext.jsx
@@ -41,18 +41,20 @@ export function AuthProvider({ children }) {
   }, []);
 
   const logout = useCallback(async () => {
+    let keycloakLogoutUrl = null;
     try {
       const res = await api.post('/auth/logout');
-      localStorage.removeItem('token');
-      setUser(null);
-      if (res.data?.keycloakLogoutUrl) {
-        window.location.href = res.data.keycloakLogoutUrl;
-        return;
-      }
+      keycloakLogoutUrl = res.data?.keycloakLogoutUrl || null;
     } catch {
       // ignore — token is removed locally regardless
     }
     localStorage.removeItem('token');
+    if (keycloakLogoutUrl) {
+      // Redirect to Keycloak BEFORE clearing React state to avoid
+      // flash-rendering the login page while the redirect is pending.
+      window.location.href = keycloakLogoutUrl;
+      return;
+    }
     setUser(null);
   }, []);