[keycloak-user] keycloak logout.js on brokering idp mode

java_os java at neposoft.com
Thu Nov 24 10:06:49 EST 2016

Anyone here be able to say what really happens behind the scenes when
using keycloak.js LOGOUT?
Need to know how it relates to the following 2 configs:
 - Single Logout Service URL
 - Backchannel Logout

My thought is that if the above 2 settings are left empty, keycloak will
kill its current browser session and redirect to the IDP login page? Y/N?

If SLSU is set will call into the IDP logout url, kill browser session and
display IDP login page.
What is Backchannel Logout ON/OFF doing.
Keycloak devs, anyone can explain in details around logout through

Problem I see, when brokering Shibboleth, it fires request on shib and it
returns AuthFailed response- no idea why.
Same flow, when IDP is ADFS runs just fine.
I know shib I am forced to use is an outdated one: 2.3.3


More information about the keycloak-user mailing list