[URGENT]
I have a scenario that I have two application in which on main application using OIDC protocol and another application is using SAML protocol.
Now if I am logging out from OIDC application SAML should also logged out.
How we can achieve this using Keycloak (using any API or config or any other way), that when logout OIDC application SAML application should logout???
Best Regards,
Avantika
I have the same setup, one uses SAML for authentication while another app uses OIDC. It works fine with the defaults.
Many times when an application uses OIDC it uses it purely for providing identity only. Once the application has your identity, most times it will create it’s own session with whatever its standard is. Notice how if you sign into your app using OIDC, your SAML app will automatically sign in. If you sign out of your SAML app, more likely than not if you refresh your OIDC app, it will still be signed in because it used OIDC for identification, not session management.
Now with all of that out of the way, if you want your SAML app to sign out when a user signs out of your OIDC app, make sure it calls the URL specified under “end_session_endpoint” in your openid-configuration. It’s going to take the form of https://{auth-domain}/auth/realms/{realm}/protocol/openid-connect/logout. This will terminate the session and cause the SAML application to log out.