Not sure how to go about the following scenario:

User logs in with SAML using an Azure enterprise configured application.

User authenticated successfully. If the user now logs out from Azure -> I can catch this event using the logout URL.

However, if the user is deleted / removed from the organisation, the user is still logged in to my application.

I've implemented similar logic with OAuth and refresh tokens, but didn't find an equivalent using SAML.

fpopa
  • Hi Fpopa, welcome to the community! Please outline the research you have done so far and what you have found. Give specifics please. – Nik P May 12 '20 at 15:18
  • Hi, it doesn't really solve my problem, also I didn't find an answer yet. – fpopa Jun 26 '20 at 17:39

1 Answer

As of now there is no support in SAML for the user provisioning events performed by the IdP.

In an Azure enterprise configured application there is a feature for automated user provisioning and deprovisioning to applications, which ensures that the identities in your app and systems are kept up to date based on changes in the directory or your human resources system.

For more information you can refer to this link

Raghavendra beldona
  • Thanks for answering. I wouldn't like to force users to log in via SAML every time they open my app, and when using the passive flag from the SAML request, I can't find any token validity in the AuthnStatement, inside the response. – fpopa May 07 '20 at 21:21
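
The deprovisioning feature mentioned in the answer talks to the application over SCIM 2.0, so the application can end a removed user's sessions when the directory sends a delete or a disable. The sketch below is an added example, not code from the question or the answer; the session dictionary, the function names and the idea of keying sessions by the SCIM user id are assumptions.

```python
import json

PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"

# Constructed sample of a deprovisioning PATCH body; note the string "False".
SAMPLE_DISABLE = json.dumps({
    "schemas": [PATCH_SCHEMA],
    "Operations": [{"op": "Replace", "path": "active", "value": "False"}],
})


def _is_false(value):
    # `active` may arrive as JSON false or as the string "False".
    return value is False or (isinstance(value, str) and value.strip().lower() == "false")


def deactivates_user(patch_body):
    """Return True if a SCIM PatchOp sets the user's `active` attribute to false."""
    doc = json.loads(patch_body)
    if PATCH_SCHEMA not in doc.get("schemas", []):
        raise ValueError("not a SCIM PatchOp message")
    for op in doc.get("Operations", []):
        if str(op.get("op", "")).lower() not in ("replace", "add"):
            continue
        path, value = op.get("path"), op.get("value")
        if path is None and isinstance(value, dict):
            # No path: value is a map of attributes to set.
            if _is_false(value.get("active")):
                return True
        elif isinstance(path, str) and path.lower() == "active" and _is_false(value):
            return True
    return False


def revoke_user(sessions, user_id):
    """Drop every application session of user_id; return how many were removed."""
    doomed = [sid for sid, uid in sessions.items() if uid == user_id]
    for sid in doomed:
        del sessions[sid]
    return len(doomed)


def on_scim_request(sessions, method, user_id, body=""):
    """Handle DELETE /Users/{id} or PATCH /Users/{id} from the provisioning service."""
    if method == "DELETE" or (method == "PATCH" and deactivates_user(body)):
        return revoke_user(sessions, user_id)
    return 0
```

The endpoint that calls `on_scim_request` has to authenticate the provisioning service first, since it can end any user's sessions.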