...
You can see useiframelogoutwithidtokenhint
is set to true (line 7). This has to be set for the logout to work.
...
Code Block |
---|
{
"clientid": "cos",
"clientsecret": "0lLM43yeXPKtBzyH7s3p5mKzWGS1dLVT",
"authority": "https://idp.externalprovider.com",
"useuserinfoendpoint": true,
"requirehttpsmetadata": false,
"useiframelogoutwithidtokenhint":true
} |
id_token_hint
when in the logout request, but we will do so as must implementation require it anyways
...
is recommended but not required by OpenID Connect RP-Initiated Logout 1.0. In order to logout from external logon providers such as KeyCloak or SwissId id_token_hint
is required!
Note |
---|
URLs to be redirected to after logout need to be configured as Trusted Sites ( |
How it works
Login
During authentication to external provider the id_token
will be saved to CoreOne Suite cache. The reference to the token will be saved in cookie external_id_token_ref_{auth_scheme}
(for multiple browser scenario).
...