Can't finish SAML logout as there is no logout binding set


I have a SSO integration with a keycloak install mostly working, except for the logout redirect. I’m using Apache Mellon with a reverse proxy. My Realm client doesn’t explicitly specify the “Logout Service POST/Redirect Binding URL” values under the “Fine Grain SAML” section, but the SAML descriptor XML definitely has the POST and Redirect SingleLogoutService bindings noted.

The SSO integration for logout will direct the user browser to: http ://proxy.test.demo/mellon/logout?ReturnTo=/camunda/app/tasklist/default/

Mellon will redirect to keycloak to log the user out:


My Chrome browser will note a 404 bad request, and in the keycloak logs I see:

23:30:49,865 ERROR [org.keycloak.protocol.saml.SamlProtocol] (default task-14) Can't finish SAML logout as there is no logout binding set. Please configure the logout service url in the admin console for your client applications.

Can anyone provide me with a clue on what the issue might be? Any help is greatly appreciated. Thank you.

Hi there,

Have you got the solution on this. I am also facing the same issue but the only difference is I am running keycloak behind nginx proxy.

Thanks you.


I’m working with a SAML client in keycloak 17 now.

I see that has passed more than three years from last response but I want to share my experience with this topic.

I was running the same issue when I payed attention to the text.

I had the idea to set the Logout Service Redirect Binding URL parameter in the Settings tab on my SAML client.

After that, my keycloak instance did not show that error anymore.

I hope that helps anyone entering here looking for answers.

Thanks so much your answer resolve my problem

1 Like