SLO( single logout ) integration issues with SAML in java application getting login screen

a3808 (a3808) asked a question.

Hi ,

I have implemented SSO with SAML in okta which is working fine , but now i am trying to implement SLO with SAML which will be application initiated.

Can any one please resolve my queries

SLO url generated when i am hitting using browser as GET getting 403 unauthroised access . may be this is because the url should be hit using POST
From application and POSTMAN when hitting url as POST with public key signed request , getting response as HTML login page of OKTA and request is not able to recorded in logs og OKTA.

Can any one please confirm whether SLO url generated will be POST request and as i am using java keystore ,

i have uploaded pem file generated out of it in OKTA SLO configuration , signed request using public key from the keystore . is this correct ?

thanks

in advance

Paul S. (Okta, Inc.)
3 years ago
Hello @a3808 (a3808) Thank you for reacting out to our Community!

Based on this doc below, you should be using POST for the SLO. Please see doc below on this matter:
https://docs.spring.io/spring-security/reference/servlet/saml2/logout.html

The Okta Community Catalysts Program is now live. Collect online badges when you participate in the Okta Help Center Questions community. Learn more here.
Join us in the Oktane discussion group to connect with attendees or just stay connected to the event.
Expand Post
- a3808 (a3808)
  3 years ago
  Hi Paul,
  
  I am trying to implement using openSAML apis , can you please let me know for SAML SLO request to be send as Get or Post signed request .as everytime I hit its saying Access Denied on browser but from application api call is not reaching to OKTA.
  
  Thanks
  Gaurav
  Expand Post
a3808 (a3808)
3 years ago
many thanks @Paul S. (Okta, Inc.) unfortunately my project is not based on spring , instead using servlet based web application , i am trying to to use saml-client library but no luck till now
Expand Post