[SAML / OIDC] Logout Problem since v23.0.0 with external IdP

Hey,
I'm just going to paste my post from GitHub. Maybe we'll find an answer here, too. :smiley:

We recently stumbled across the following problem.
Since Keycloak version v23.0.0 (up to 25.0.1), we're facing a problem with logging out of a session after a successful authentication.

After a logout, users get redirected and are instantly logged in again. The problem occurs across all realms and clients!
It's reproducible with the account-console.

Our environment:

  • Keycloak as Service Provider
  • Authentication via SAML IdP Provider (ADFS)

It seems like it has something to do with → Update-to-Cookies

Before I open an issue, has anyone faced this problem? Maybe there is an easy solution to it?
Greetings
KCNewb

Hi, the problem is that you have the redirect URL set to the home-url of your application, and it is also configured as the home-url in the SAML IDP. When you perform logout, you are redirected to the redirect-uri, but your session is terminated only in Keycloak, not in the IDP (Service Provider), so Keycloak registers the session and logs you in again.
So in order to prevent this, you can add a post-logout step that redirects the user to some other page or whatever.
Try to do the logout with a different redirect-uri; it will work.
Play with the configuration on KC or even the SP.
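
The loop described in the reply above can be confirmed from the list of URLs the browser requests after "Sign out". This is an added example, not code from the thread or from Keycloak: the hosts, realm `demo`, alias `adfs` and both traces are constructed, and the endpoint paths assume Keycloak's default layout without a custom relative path.

```python
import re
from urllib.parse import urlparse

# Keycloak endpoint paths (default layout, no custom relative path assumed).
KC_PATHS = {
    "logout": r"/realms/[^/]+/protocol/openid-connect/logout",
    "auth": r"/realms/[^/]+/protocol/openid-connect/auth",
    "broker_callback": r"/realms/[^/]+/broker/[^/]+/endpoint",
}

def label(url, kc_host, idp_host):
    """Map one requested URL to the step of the flow it belongs to."""
    u = urlparse(url)
    if u.hostname == idp_host:
        return "idp"
    if u.hostname == kc_host:
        for name, pattern in KC_PATHS.items():
            if re.fullmatch(pattern, u.path):
                return name
    return "other"

def diagnose(chain, kc_host, idp_host):
    """Classify the ordered URLs the browser requested after 'Sign out'."""
    steps = [label(u, kc_host, idp_host) for u in chain]
    if "logout" not in steps:
        return "no-logout-request"
    after = steps[steps.index("logout") + 1:]
    if "auth" not in after:
        return "logged-out"  # nothing asked Keycloak to authenticate again
    cut = after.index("auth")
    if "broker_callback" not in after[cut:]:
        return "auth-restarted-no-idp-response"
    # A brokered login completed right after logout. If the browser never visited
    # the IdP before it, front-channel logout did not reach the IdP session.
    return "relogin-idp-session-untouched" if "idp" not in after[:cut] else "relogin-after-idp-visit"

# Constructed traces; every host and parameter value here is made up.
KC, APP = "https://kc.example.test/realms/demo", "https://app.example.test"
LOOP = [
    KC + "/protocol/openid-connect/logout?post_logout_redirect_uri=" + APP + "/",
    APP + "/",  # protected home URL, so the app starts a new login
    KC + "/protocol/openid-connect/auth?client_id=app&response_type=code",
    KC + "/broker/adfs/login",
    "https://adfs.example.test/adfs/ls/",
    KC + "/broker/adfs/endpoint",
    APP + "/?code=constructed",
]
CLEAN = [LOOP[0].replace(APP + "/", APP + "/signed-out.html"), APP + "/signed-out.html"]
```

The verdict only reflects front-channel traffic visible in the browser; a logout sent server to server would not appear in such a trace.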