My client’s “Backchannel logout URL” is not getting called whenever an user logs out.
- Confidential flow
- Backchannel Admin URL:
http://test.bla.io/auth/k_logout
(I am expecting a request at this exact address). - Backchannel logout session: required
- Admin URL: none
When I force a logout (delete user session) in the Keycloak admin interface, I expect all clients within the realm to receive a request at their respective “Backchannel logout URL”. I never receive such HTTP request.
To re-iterate, I am expecting Keycloak to let client(s) know that an user session has been removed whenever:
- the user logged out via
end_session_endpoint
- the user logged out via their keycloak interface
- the keycloak admin forcefully removed the session
In any of these cases, my client needs to know “what happened” (i.e: receive an event that the user logged out) because my client(s) have their own session management which will need to get invalidated.
Why is my URL not being called?
- Keycloak 19.0.1
- Edge mode (nginx TLS terminated)