Hello!
I'm working on Single Logout in Identity broker mode.
App -> Keycloak (OpenIdConnect)
Keycloak -> 3rd party (SAML)
The Keycloak documentation states that there are 2 ways to execute logout.
1) HttpServletRequest.logout().
2) redirect the browser to
http://auth-server/auth/realms/{realm-name}/protocol/openid-connect/logou...
If I execute 2), it indeed causes Keycloak to send a SAML Logout request to the
3rd party IdP.
However, if I execute 1), the SAML logout request is not sent, thus the 3rd party
session is still valid.
(I see that by enabling trace logging in Keycloak and by the fact that the user is
still logged in.)
Is this something by design, a misconfiguration on my side, or a bug?