Skip to main content

I have setup SSO using OpenID Connect with my OpenID Provider.

 

From what I noticed, when I click on the logout button in the community portal it only removes its local session. Which means when I click on login again I would automatically be logged in. This is acceptable and will cater most cases.

 

But I am curious to know whether there is a way to send a logout request to my identity provider when someone logs out of the community portal essentially to terminate the session at the OpenID Provider.
The OpenID provider I am integrating with does support a logout endpoint.

Hi @mefarazath  apologies for the slow followup on this, but yes this is entirely possible! Can you just submit a support ticket for this to support@insided.com with your remote logout url and we can update + set this for you on your community. Presently it is not a self service item, meaning we have to set this for you - but we’re of course working on improving this and adding it as a self service item in control :smile:

Hi @mefarazath  apologies for the slow followup on this, but yes this is entirely possible! Can you just submit a support ticket for this to support@insided.com with your remote logout url and we can update + set this for you on your community. Presently it is not a self service item, meaning we have to set this for you - but we’re of course working on improving this and adding it as a self service item in control :smile:

Thanks a lot for the reply.

Is there a flow diagram on how this logout flow would work? Just wanted to understand whether the remote URL is called after doing the logout on the insided application side or not.

Also about this URL, can dynamic values be injected from the insided side to the URL or should it be a static one?


In my example, the IDP i am integrating with supports the OIDC RP initiated logout which requires me to send an id_token_hint (the id_token received during login). Wondering whether this is something possible.

 

Reply


Terms & ConditionsCookie settings