didmos

Front-channel Logout

didmos

Overview
Overview
- Introduction
- Demo
didmos Core
didmos Core
- Backend
  Backend
  - Introduction
  - Setup
    Setup
    
    Installation
    
    First steps
  - Administration
    Administration
    
    Configuration
    
    Configserver
    Configserver
    
    Configserver permissions
    
    Assignment Sync
  - Operations
    Operations
    
    Logging
- LDAP
  LDAP
  - Introduction
  - Setup
    Setup
    
    Installation
    
    First steps
  - Administration
    Administration
    
    Configuration
  - Operations
    Operations
    
    Logging
didmos Auth
didmos Auth
- Introduction
- Setup
  Setup
  - Installation
  - First steps
- Administration
  Administration
  - Backends
    Backends
    
    OpenID Connect (OIDC) Backend
    
    SAML2 Backend
    
    SQL Backend
  - Discovery
    Discovery
    
    Discovery
  - Frontends
    Frontends
    
    Front-channel Logout
  - General
    General
    
    Internal Attributes
    
    Layout
  - Microservices
    Microservices
    
    client-based-templates microservice
    
    MFA integration in didmos2-auth
  - SSO
    SSO
    
    SSO Management
- Operations
  Operations
  - Operations
- Development
  Development
  - Development Environment Setup
didmos LUI
didmos LUI
- Introduction
- Setup
  Setup
  - Installation
  - First steps
- Administration
  Administration
  - Configuration
- Operations
  Operations
  - Logging
didmos Provisioner
didmos Provisioner
- Provisioner
  Provisioner
  - Introduction
  - Setup
    Setup
    
    Installation
    
    First steps
  - Administration
    Administration
    
    Configuration
  - Operations
    Operations
    
    Logging
- Worker LDAP
  Worker LDAP
  - Introduction
  - Setup
    Setup
    
    Installation
    
    First steps
  - Administration
    Administration
    
    Configuration
  - Operations
    Operations
    
    Logging
didmos ETL Flow
didmos ETL Flow
- Introduction
- Setup
  Setup
  - Installation
  - First steps
- Administration
  Administration
  - Configuration
- Operations
  Operations
  - Logging

Front-channel Logout

The call to /didmos/logout ends the OIDC session and redirects the user to the URL which is configured in the RP client configuration post_logout_redirect_uri in didmos2-auth. This removes all the session related data from didmos2-auth persistent storage and removes the following cookies:

didmos_backend_discovery
didmos_local_sso or didmos_sql_sso (which ever backend is activated)

The above cookies are used to regulate the SSO session in didmo2-auth.

It is important to note that if didmos2-auth is being used with a 3rd party backend, for example, any external SAML IdP or any external OIDC, then the user session with those external entities will not be logged out. It is only the front-channel logout which takes place by invoking the /didmos/logout.