We have two clients and user logs in with both. The first one is of public access type and the second confidential access type.
After first login we get token id and if we pass it to logout url as ID_TOKEN_HINT than the logout will happen without consent.
In case we would call the logout url after the second login but use the token id from the first login than consent screen will appear.
I would expect that we can reuse the token id from first request for logout.
We are using Keycloak based on Quay
Do I miss here something?