SAML logout not working
Zitadel version: 3.2.0 (latest)
Login v1 and v2 (we are using v2)
Use federate logout checkbox in IDP configuration: checked
Hello, we have multiple SAML IdPs registered. While the login works fine, the logout does not.
When the logout is triggered, the Zitadel session is terminated and the user is redirected to the login page, but when the user logs in again, they are automatically logged in without passing through the IdP login.
If the SLO endpoint "https://domain.com/idps/123456/saml/slo" is manually executed, a 400 is returned with body "ID=SAML-3uor2 Message=Errors.Intent.NotFound"
As far as we understood, the SAML logout should be triggered automatically when the logout in Zitadel is clicked.
Are we missing something? Thanks
3 Replies
bump
Dear ZITADEL team, is the following GH issue needed for SAML logout to work out of the box in the use case described by @sagion?
https://github.com/zitadel/zitadel/issues/9980
SAML SLO implementation including session termination · Issue #998...
Implement logout as implemented with OIDC (zitadel/internal/api/oidc/op.go, line 250 in 046b165: defaultLogoutURLV2: config.DefaultLogoutURLV2), which should include the logout through terminating th...
Hey @Arnau, thanks for the bump. I will check the status of this issue within the team and see what they have to say.