0

I am need an advice how to configure the single logout service url for SSOCIRCLE idp.

I have found the page which helped me with configurung SSO url:

https://www.ssocircle.com/en/idp-tips-tricks/ssocircle-how-to/ point 5.

For example, here is my sso: https://idp.ssocircle.com/sso/idpssoinit?metaAlias=%2Fpublicidp&spEntityID=acc/test.com/testidp

How should I configure slo url?

Also here is some docs: https://www.ssocircle.com/en/idp-tips-tricks/public-idp-configuration/ but I cant understand what should be in url instead of: 'IDPSloPost' value.

Could anyone please suggest the solution ?

Andrew
  • 591
  • 2
  • 12
  • 33

1 Answers1

0

You can either trigger the single logout process from your SP sending a LogoutRequest to the endpoint as listed in http://https://www.ssocircle.com/en/idp-tips-tricks/public-idp-configuration/ (use the correct endpoint matching the binding your SP uses).

Or you can start the logout process from the IDP using the URL https://idp.ssocircle.com/sso/IDPSloInit?metaAlias=%2Fpublicidp Please keep in mind that SLO is much harder to achieve than SSO. All SPs must support the flow correctly otherwise the flow of redirects easily break in front channel bindings.

Glorfindel
  • 21,988
  • 13
  • 81
  • 109
Hos
  • 447
  • 4
  • 11
  • I want trigger the logout process using logoutRequest from my SP. You have mentioned correct endpoint matching binding. What do you mean? Can you explain please on url example ? – Andrew Feb 28 '18 at 08:45
  • Actually your answer helped me out. First of all I am log out from my SP, then I am generating logout request to ssocircle and send it on https://idp.ssocircle.com/sso/IDPSloInit?metaAlias=%2Fpublicidp (it contains relay state, where I will navigate after) and then I am navigating to my SP because of relay state (I guess) and processing logout at my SP. – Andrew Feb 28 '18 at 11:07