You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As a certified OpenID Connect platform, OpenID Providers MUST support the use of the HTTP GET and POST methods at the Logout Endpoint. RPs MAY use the HTTP GET or POST methods to send the logout request to the OP. If using the HTTP GET method, the request parameters are serialized using URI Query String Serialization. If using the HTTP POST method, the request parameters are serialized using Form Serialization.
Add a lastLogout date to the user profile. Check this date against the lastLogin date in the SSOSessionHandler.
This endpoint with POST method must require the use of the id_token_hint as a parameter (Browser cookies are not accessible at this stage).
How to test
Create a security domain
Create a user
Create a web application
Assign an identity provider
Sign-in to your account
Call the LogoutEndpoint with a POST method
Try to get an access token again (/oauth/authorize)
User should be asked to sign in to its account
The text was updated successfully, but these errors were encountered:
User story
As a certified OpenID Connect platform, OpenID Providers MUST support the use of the HTTP GET and POST methods at the Logout Endpoint. RPs MAY use the HTTP GET or POST methods to send the logout request to the OP. If using the HTTP GET method, the request parameters are serialized using URI Query String Serialization. If using the HTTP POST method, the request parameters are serialized using Form Serialization.
https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RPLogout
Possible solution
Add a lastLogout date to the user profile. Check this date against the lastLogin date in the SSOSessionHandler.
This endpoint with POST method must require the use of the id_token_hint as a parameter (Browser cookies are not accessible at this stage).
How to test
The text was updated successfully, but these errors were encountered: