Winforms app - single sign out?

[andrewsheard]

Question

I have a WinForms app that is using the loopback listener interface (spec 7.3) to perform SSO so users can log in once and have access to both the native WinForm app and a Web MVC application. Logging in works fine.

My question is how can I trigger the native app to sign out when the MVC app signs out via the back channel? Is this part of the specification, I can't find it if so? The backchannelredirecturi also doesn't allow random ports so this seems incompatible?

The spec specifically says that the listener interface should be short lived so continuously listening on a /logout endpoint seems like a bad idea, but to me it seems like the only option.

Is this the way you would implement this? Or is there a better way?

[leastprivilege]

Important update

This organization is not maintained anymore besides critical security bugfixes (if feasible). This organization will be archived when .NET Core 3.1 end of support is reached (3rd Dec 2022). All new development is happening in the new Duende Software organization.

The new Duende IdentityServer comes with a commercial license but is free for dev/testing/personal projects and companies or individuals making less than 1M USD gross annnual revenue. Please get in touch with us if you have any question.

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Questions are community supported only and the authors/maintainers may or may not have time to reply. If you or your company would like commercial support, please see here for more information.

[github-actions[bot]]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.