<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008C3jnSSAROkta Classic EngineAdministrationAnswered2024-04-20T03:26:20.000Z2017-10-30T18:02:45.000Z2017-10-30T18:02:45.000Z

raja.shravan1.5105919491617039E12 (Customer) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
Logout multiple Apps separately - SP Initiated Setup
I have two Applications A and B. App A is configured using OOTB application and App B is configured using SAML 2.0. Both apps use SP initiated URLs for SSO and I am able to login successfully. But when I click on logout and paste the URL in a different tab same browser, I could able to login to the app without the need for credentials that is because the Okta session is still valid.

 

Is there a way to invalidate Okta session when we click on the SP logout button? I need it for both OOTB and app created using SAML 2.0.

 

Thank you in advance.
  • 1 answer
  • 2.58K views

  • alexandru.preda1.485391231955779E12 (Okta, Inc.)

    Hi Shravan,

     

    Alex here with Okta's Customer Support Team, thank you for reaching out to us.

     

    From what I can see based on your description, you`re seraching for Single Logout, that would help you to also signout from Okta when you click the Sign out button from the SP. 

    We curently support this for SAML, however, the application (SP) you`re using must also support Single Logout. 

     

    Here are some detils :

    Single Logout – Allows users to log out of both a configured custom app and Okta with a single click (but not out of other apps that may be open). For more information, see the section Single Logout Profile in the guide Profiles for the OASIS Security Mark Up Language (SAML) version 2.0. (http://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf(http://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf))

    If Enable Single Logout is specified, the following three options are available. 
    • Single Logout URL – Specify where you want to send the logout response.
    • SP Issuer – The issuer for the service provider.
    • Signature Certificate – Determines the public key certificate used to verify the digital signatures. Browse to select the certificate, then click Upload Certificate.
     Note: If SAML Single Logout is configured, a field for Identity Provider Single Logout URL appears in the SAML 2.0 setup instructions.

     

    The above details can also be found here :   

    Thank You,

     

    Alexandru Preda

    Technical Support Engineer

    Okta Global Customer Care

     

    Expand Post
This question is closed.
Loading
Logout multiple Apps separately - SP Initiated Setup