Logout with SSO always redirects back to logged-in session

0
Hi everyone, I am implementing logout functionality in my Mendix app which uses SSO (IDP). Currently, I am calling mx.session.logout() and then redirecting to the logout URL, but the behavior I see is: After logout, the app directly logs me in again without asking for credentials. Instead of showing the login page where I can enter my ID, it just reuses the previous SSO session.

What I want is: On logout, the user should be properly logged out from SSO. Next time they try to access the app, they should see the login screen and enter their ID again.

Has anyone faced this behavior before? Do I need to call a specific IDP logout endpoint, or configure something differently in Mendix?

Thanks in advance for your guidance!

Reemali
asked
3 answers
0

"Do I need to call a specific IDP logout endpoint [...]?"

Yes, this is indeed the case. What the logout endpoint looks like exactly depends on your IDP.

answered
0

Hi Reemali,

Your IDP logout endpoint I guess is empty and therefore the user is redirected to the app's homepage (potentially /SSO/ by the sounds of it). This then logs the user back in again via SSO. If you want them to be able to see the login page after logging out then you need to set the IDP logout endpoint to your /login.html page on your app.

Hope that helps, Jon.

answered
0

For SAML, if your IdP and Mendix SAML module are correctly set up you can do single logout by redirecting the user to <yourapp>/SSO/logout

DOC (SAML)

DOC (OIDC)

answered