Closed solsson closed 8 years ago
The extra redirect was according to spec in the FAQ: "If the OP supports Session Management then the user will be redirected to the OP for logout as well."
Visit the OIDCProviderMetadataURL to see that Keycloak declares an end_session_endpoint
. Let mod_auth_openidc take care of logout as described in https://github.com/pingidentity/mod_auth_openidc/wiki/Session-Management#logout.
Fixes #1. See also #5 for future work.
To address #1.
I dont think this kind of internal details should be left to the UI layer, so I added the special URL
/logout
.