SAML SLO - How to sign a logout request using SP certificate?

Loading

Skip to Navigation Skip to Main Content

Search

Search

Select Language

0D50Z00008C3jicSABOkta Classic EngineOkta Integration NetworkAnswered2024-04-15T09:54:48.000Z2016-07-21T14:35:19.000Z2020-07-16T17:59:25.000Z

MiteshJ.22605 (Customer) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM

SAML SLO - How to sign a logout request using SP certificate?

Hi,

We started using SAML authentication in our application. We have implemented SSO and it is working fine. In case of SLO, identity provider(OKTA) requires to sign logout request using SP certificate and i think will authenticate the message using public key of SP certificate.

But We are new to these certificates and don't have exact idea how to sign a request.

It will be great if we have some code/sample to sign a request as mentioned above.

Thanks,

Mitesh

Top Rated Answers

james.flores1.4616875318781074E12 (Okta, Inc.)
Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:27 AM
Hi Mitesh,

Have you taken a look at page 32 section 4.4 of the Oasis SAML v2.0 document? It discusess Single Sign Out profiles, how they are configured and how they function.

http://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf
Expand Post
Selected as Best

All Answers

james.flores1.4616875318781074E12 (Okta, Inc.)
Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:27 AM
Hi Mitesh,

Have you taken a look at page 32 section 4.4 of the Oasis SAML v2.0 document? It discusess Single Sign Out profiles, how they are configured and how they function.

http://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf
Expand Post
Selected as Best
gabriel.sroka1.4374539321839353E12 (Okta, Inc.)
Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:27 AM
Hi Mitesh,
Are you writing your own SAML SP? Or using a library? We recommend using a library or an out of the box SAML SP. These should already have signing functions. Otherwise, there are code samples on the internet.
Expand Post
edward.holliday1.413788283869593E12 (Okta, Inc.)
10 years ago
and configuring Okta's app SLO URL to "https://yourorghere.okta.com/login/default" is a good default SLO URl
Expand Post
JeromeF.27182 (Customer)
9 years ago
The document provided does not have any details about the required certificate.
Expand Post
s0n8i (s0n8i)
6 years ago
I could not find enough documentation for this Single Logout from SP. Can someone please direct me to any docs if available? I am kind of stuck with this configuration.
Expand Post

This question is closed.

Recommended content

Forum

Not able to configure Single Logout(SLO) in Okta using a SP initiated request in App Integrations using SAML 2.0 even when I have provided the below configuration settings in the wizard

Forum

How to configure SP-initiated Sign On on App Integration using SAML?

Forum

how to generate Signature Certificate and sp issuer & Single logout url???

Forum

SAML SLO Certificate

Loading

SAML SLO - How to sign a logout request using SP certificate?