The HTTP-Redirect binding [SAML2Bind] MUST be used for the transmission of <samlp:LogoutResponse> messages.

canada-ca / CATS-STAE

Cyber Authentication Technology - Technologie d’authentification électronique

https://canada-ca.github.io/CATS-STAE/

14 stars 1 forks source link

The HTTP-Redirect binding [SAML2Bind] MUST be used for the transmission of <samlp:LogoutResponse> messages. #14

Closed scottallan closed 4 years ago

scottallan commented 5 years ago

https://github.com/canada-ca/CATS-STAE/blob/34f73e2598c9ac47b4e7c11fdd7a2115ea0e44e2/docs/saml2cred.html#L2887

Is this correct? wouldn't the response be over backchannel for those SPs that support SOAP logout binding?

harrdou commented 4 years ago

This is for the "result" transmission back to the SP that initiated the logout, not for propagation to other SPs which would be done using a <samlp:LogoutRequest> message.