According to this code:
https://github.com/keycloak/keycloak/blob/master/adapters/oidc/adapter-core/src/main/java/org/keycloak/adapters/CookieTokenStore.java#L100

The cookie is only reset at the place where the logout path is. For instance:

Applications serve at /foo/app and /bar/app
And logout path is just /logout

In that case that won’t work because cookiePath for removeCookie would be /logout.

The problem is the user is still logged in within the period of Access Token Lifespan.

It doesn’t make sense to have different logout URL for each application as such /bar/logout and /foo/logout .

Is there a way to just keep single logout which logs out the user for each application?

Thanks,
Sarp Kaya