Currently, logging out of the portal invalidates the browser session. This ticket is to add to this to also invalidate any session active at the IdP level by using the IdP's oauth logout flow.
Central to this is looking into how to handle the situation where there are multiple logged in sessions at the IdP level, and the user is given a choice by the IdP on which session to log out.
Currently, logging out of the portal invalidates the browser session. This ticket is to add to this to also invalidate any session active at the IdP level by using the IdP's oauth logout flow.
Central to this is looking into how to handle the situation where there are multiple logged in sessions at the IdP level, and the user is given a choice by the IdP on which session to log out.