I have a similar question.
I have a setup like this:
MyApp <=OIDC=> Keycloak <=SAML2=> Source_of_Users
and I am doing SSO (SingleSignOn) and SLO (SingleLogOut) between MyApp and Source_of_Users (you can also see this discussion)
SLO is particularly important - when/if the user logs out from Source_of_Users , I want the user to be automatically logged out from MyApp . The users can also log out from MyApp and in this case I hit OIDC logout endpoint, which logs the users out of Keycloak, which logs the users out of Source_of_Users
So, when the user initiates the log out from the application, then I certainly see LOGOUT amount “Login Events”. If the user initiates the log out from Source_of_Users, then i do not see them as would the logout does not happen (although i do see that Source_of_Users hits SAML2 logout endpoint at Keycloak). Is this because of backchannel logout?
How can I hook into the logout handler and do something upon users logging out?