xn8e9 (xn8e9) asked a question.
Dear OKTA Team,
I have a question related to session logout of OKTA & SAML linked systems(SP systems).
In current our OKTA configuration, users log into OKTA and access the SAML integrated systems through OKTA main page. But, even if I log-out from OKTA, the used systems (Service Provider) session is alive and users can access and use the systems without alive OKTA authentication session.
What we want is when users logout from OKTA, then related systems authentication, which were used in previous OKTA authentication session, are automatically session out and users need to re-direct to OKTA initial login page.
Would it possible through OKTA configuration? Because some departments in Samsung are using few common PCs for multiple users, and their system authentication is mixed and having some data integrity issue.
(ex. User A can access a system with previous User B session, even if user B logged out from OKTA before User A access the system)
some apps do allow okta to log them out, I personally never allow it. I make that app owners responsibility. For shared pc’s make a gpo on logout or close browser to clear browsing history, cookies, saved passwords and cred store.