[mitreid-connect] simple-web-app and OIDC : single logout
Justin Richer
jricher at mit.edu
Mon Aug 17 12:23:25 EDT 2015
Yes, that is intentional. The web sessions between the two applications
are different, and you don't want a single RP to be able to force a
logout at the IdP. The OIDC Session Management spec (still in draft)
does have a mechanism to let an RP request a logout at the IdP, but that
has not yet been implemented in MITREid Connect.
-- Justin
On 8/17/2015 10:02 AM, Zhanna Tsitkov wrote:
> Hi,
> While testing with the simple-web-app I’ve noticed that logout from the application does not cause the OIDC logout. Was it intentional? What are the recommendations how to implement single logout?
> Thanks,
> Zhanna
> _______________________________________________
> mitreid-connect mailing list
> mitreid-connect at mit.edu
> http://mailman.mit.edu/mailman/listinfo/mitreid-connect
More information about the mitreid-connect
mailing list