...
Code Block |
---|
{ "clientid": "cos", "clientsecret": "0lLM43yeXPKtBzyH7s3p5mKzWGS1dLVT", "authority": "https://idp.externalprovider.com", "useuserinfoendpoint": true, "requirehttpsmetadata": false, "useiframelogoutwithidtokenhint":true } |
Standard OIDC does not require to send id_token_hint
when in the logout request, but we will do so as must implementation require it anyways
...
is recommended but not required by OpenID Connect RP-Initiated Logout 1.0. In order to logout from external logon providers such as KeyCloak or SwissId id_token_hint
is required!
Note |
---|
URLs to be redirected to after logout need to be configured as Trusted Sites ( |
How it works
Login
During authentication to external provider the id_token
will be saved to CoreOne Suite cache. The reference to the token will be saved in cookie external_id_token_ref_{auth_scheme}
(for multiple browser scenario).
...