Back channel logout doesn't work

Hello, I’d prefer to invalidate session in my spring boot application. Make controller with logout, and in Keycloak in field “Back channel logout URL” write “localhost:8080/logout”.
I know that this way it doesn’t work, but what url I should write so, that keycloak will see my method “/logout”?
Thanks a lot

1 Like

It is not very clear what your are trying to achieve here.

BackChannel logout is an operation where the SSO server is sending a logout message to your application, because to user disconnected from another client. So the url you set in Keycloak is an url of your Application, where you have some code ready to receive a POST message containing a JWtin the body, with an sid identifying the previous sent JWT (which also contained this sid), for you to remove the user sessions you may have (if you memorized the sid-session associations). A lot of application does not implement backchannel logout – even if they should --.

Direct logout is when your client sends a logout message to the SSO right after disconnecting from your page, usually your make a redirection to your user browser to https:///auth/realms//protocol/openid-connect/logout with soome extra args (like post_logout_redirect_uri and id_token_hint).

1 Like