0

I'm working on an OpenID Connect implementation, that is going to work as a single sign-on for multiple applications. I get how to sign out a user from a single application or simply revoke refresh tokens for further renewal of access tokens. But from looking at Google's implementation; when you sign out from Gmail you are immediately signed out from all other Google apps like; YouTube, Google + etc.

How is such behavior accomplished?

Gusten
  • 882
  • 1
  • 7
  • 14

1 Answers1

1

OpenID has the concept of single sign out - but the spec is still in draft:

http://openid.net/specs/openid-connect-session-1_0.html

IdentityServer v3 does not implement this spec right now - but it is planned for RTM.

leastprivilege
  • 18,196
  • 1
  • 34
  • 50