[keycloak-user] OpenId logout not working as it should

Adrian Madaras madaras_adrian at yahoo.com
Fri May 4 07:09:44 EDT 2018


Hi Keycloak team,                   We are using Keycloak 3.4.3.Final for a while now with both SAML and OpenId clients. We have encountered a possible bug in your code and we need advice from your side on how to proceed. The problem occurs if we are logged in into multiple SAML and OpenId clients and when we want to log out from 1 OpenId client. The following happens:• Authenticate against a SAML client• Authenticate against an OpenId Client• The SAML client has “Logout Service POST Binding URL” and “Logout Service Redirect Binding URL” configured with a link. -> this is business requirement from our customers as their clients do not send a redirect url in the SAML Logout Request• Logout from OpenId Client with correct redirect url for that OpenId Client -> at this point we are being redirected to the SAML Client page (one from previously logged in) and NO logout happens.
Desired solution is to be logged out from all clients and redirected to the link that we specify in the redirect_uri of the auth/realms/<realm>/protocol/openid-connect/logout request.
Thanks,
Adrian



More information about the keycloak-user mailing list