Keycloak as identity provider

I have a third party Identity Provider and I am using OIDC between IP and Keycloak. The instruction I follow is The problem I face is when a user logout from the protected APP, the session is not terminated. Do you know what configuration I may missed? Besides, is it the Identity Provider should terminate the session or should Keycloak do that?