Hi.
I have configured a SAML client in Keycloak specifying the following parameters:
- Client ID
- Valid redirect URIs
- Master SAML Processing URL
- Name ID format: email
- Force POST binding: ON
- Front channel logout: OFF
My client app (it’s an external app with guide to configure Keycloak, I made everything step-by-step) uses the Remote Logout URL like this:
https://keycloak-server.com/realms/my-realm/protocol/openid-connect/logout?post_logout_redirect_uri=https%3A%2F%2Fclient-app.com%2F&client_id={client-id}
I do not have access to the id token, so I cannot provide the id_token_hint parameter.
And I get two things that trouble me:
- The most important one is the logout confirmation page with another Logout button after I click “Sign out” in my client app.
- Authentication Redirect after I successfully sign in in Keycloak and before redirecting to the client app.
Is there some way to fix these problems?
Am I missing some more configuration steps (I didn’t touch the advanced section of the client configuration in Keycloak)?