Client logout without logging completely out of the IDP
kdudley21 opened this issue · comments
Confirm you've already contributed to this project or that you sponsor it
- I confirm I'm a sponsor or a contributor
Version
5.1.0
Question
Is there a way to log a user out of a specific application/client without logging them completely out of the IDP ?
Is there a way to log a user out of a specific application/client without logging them completely out of the IDP ?
Nope, backchannel logout is not currently supported (and frontchannel logout is a dead feature due to the ban of third-party cookies in recent browsers).
What's your scenario?
Thanks !
This isnt currently required but lets say a user is authenticated in application A and application B. The user logs out of application A but wants to stay logged into application B.
The more I think about it the user would still be logged into application B by default since it has already performed the authentication process. So I think I'm good and I am just overthinking scenarios.
The more I think about it the user would still be logged into application B by default since it has already performed the authentication process.
Ah yeah, most clients keep a local session that is independent from the IdP session (typically, by simply using an authentication cookie): clearing your session from client B doesn't affect client A.
Yep! Thanks again for all your help!