The article for the saml2 setup (https://www.baeldung.com/spring-security-saml), fails a SLO. As the it does not mention anything in regard to adding a SP Issuer, which will lead to SP SLO failure, while IDP initiated logins would work well.

The SP Issuer needs to be same as the "Audience Restriction".

I have tried and verified this. As without the SP issuer I can see the following log in my Okta:

Apr 02 19:50:06

Siddharth Baranidharan (User)
User single sign out from app
FAILURE: Issuer does not match
SAML SLO  (AppInstance)
Siddharth Baranidharan  (AppUser)

Requesting to update the document, will help other folks implement without any issues :)