I have a setup like this:
MyApp <=OIDC=> Keycloak <=SAML2=> Source_of_Users
and I am doing SSO (SingleSignOn) and SLO (SingleLogOut) between MyApp
and Source_of_Users
.
SLO is particularly important - when/if the user logs out from Source_of_Users
, I want the user to be automatically logged out from MyApp
. If user does not log out from Source_of_Users
, I do not worry about this.
I have implemented the polling scenario where MyApp
periodically polls KeyCloak
to see if the user is still logged in but I want to avoid polling and get Keycloak proactively notify MyApp
when/if users logs out from Source_of_Users
. That’s why I am developing this JavaScript authenticator. Hope I am on the right track.
Thanks for the tip about client logout actions.