We are using SAML provider in GCIP (SP) to integrate with Salesforce as external IDP. Our web application authentication happens via Firebase app (google identity toolkit proj) and works as expected.
We want to destroy GCIP session and SAML SSO session when the user clicks on logout in application.
We do not see any configurable property on SAML provider setting in GCIP to provider SAML Single Logout url.
Invoking /gcp-iap-mode=GCIP_SIGNOUT shows that signout is happening but it is reauthenticating the user without credentials being requested.
How can we achieve logout so that user will be forced to login again?
Asked
Active
Viewed 1,036 times
2
tronline
- 117
- 1
- 9
-
2AFAIK, it's an internal open issue on Google Side (I worked with Google recently with SAML third party IdP, on unrelated issue, and this one was close of my issue but not mine. It was 2 weeks ago) – guillaume blaquiere Feb 04 '21 at 17:10
-
You can file a [feature request](https://cloud.google.com/support/docs/issue-trackers#feature_requests) and logout option that force user to login again. – Serhii Rohoza Feb 05 '21 at 14:07