End Session Endpoint
Endpoint: GET /oauth/v1/logout?post_logout_redirect_uri=https://postlogout.example.com&id_token_hint=eyJraWQiOiJmNDYzYmYyYy04MWE2LTQ5Nzk
Parameters
Refer to the RP Initiated Logout for more detail on the parameters. We have provided a brief description below:
Parameter | Required | Description |
---|---|---|
id_token_hint |
Recommended | Previously issued ID Token passed to the logout endpoint as a hint about the End-User's current authenticated session with the Client |
post_logout_redirect_uri |
Optional | URL to which the RP is requesting that the End-User's User Agent be redirected after a logout has been performed |
state |
Optional | Opaque value used by the RP to maintain state between the logout request and the callback to the endpoint specified by the post_logout_redirect_uri query parameter |
Note: that the post_logout_redirect_uri
must have been previously configured on the client. It will only be respected if the id_token_hint
is valid, it
contains a valid client so the configuration can be retrieved, and that the URI matches the configured default or additional Post logout Redirect URIs.
If no post_logout_redirect_uri
is provided as a parameter, the default value in the client configuration will be used. If there is no configured URIs, it will
leave the user on a success page.
Example response with valid post logout URI
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Successfully logged out</title>
</head>
<body>
<h1>Successfully logged out</h1>
<script>
window.onload = function () {
window.location.href = 'yourpostLogoutRedirectUri';
}
</script>
</body>
</html>
Front-Channel Logout support
Onegini's OP implementation also has support for OpenID Connect Front-Channel Logout 1.0.
Example response with front-channel with two RPs in the session
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Successfully logged out</title>
</head>
<body>
<h1>Successfully logged out</h1>
<iframe style="display:block; visibility:hidden" src="https://rp1logouturl.example.com"></iframe>
<iframe style="display:block; visibility:hidden" src="https://rp2logouturl.example.com"></iframe>
<script>
window.onload = function () {
window.location.href = 'yourpostLogoutRedirectUri';
}
</script>
</body>
</html>