
VincentS.85812 (Customer) asked a question.
When a user logs out of my application they are currently returned to the application's default login page. If anyone enters any credentials (right or wrong) into that page it redirects them to the OKTA SingleSignOn URL - which has cached credentials for the last user who logged in - and the application opens.
Is there a SignOff URL that I can redirect the user to upon logout to prevent this security problem?

Hi Vincent,
For this scenario we recommend using Single Logout (if your app supports it). With this, the user logs out from the app, then gets logged out from Okta as well. Also, in this case the best practice is to not have the credentials stored/cached in the browser used.
Alexandru Moraru
Technical Support Engineer
Okta Global Customer Care

Is there a SignOff URL that I can redirect the user to upon logout to prevent this security problem?
Regards,
Vincent

Hi Vincent,
At the moment no, the sign off process is out of Okta's scope. We cannot point the app where to go after the user gets signed off; you can either build a flow or reach out to the Service Provider.
Alexandru Moraru
Technical Support Engineer
Okta Global Customer Care

During the Application registration process within OKTA for SAML 2.0, there is a Single Sign On URL generated. Clicking on that link anywhere takes the user to that application via an OKTA Login Prompt if needed.
The logout process of our application allows me to specify a landing URL to send the user to after they logout of the application.
Is there a Single Sign Out URL available for the application similar to the Single Sign On URL mentioned above? If there is, I can configure the application to go to that URL and everything will be good.
Regards,
Vincent

Hi Vincent,
At the moment we don't have such a feature. We only provide the Single Logout option, which has an SLO URL, points back to Okta and signs off both the Okta and app sessions. For more details or troubleshooting, please open a support ticket.

I have found where I can set that but I don't think I want to be logging people out of all apps. I will leave it for now.
Thanks for your help
You can close out the ticket
Regards,
Vincent

In case anyone else comes across this looking for a logout solution when true SLO is not available, you can use https://oktaorg/login/signout to log the user out of Okta.