Open enricorr opened 4 years ago
When you authenticate a 'HZN' cookie gets saved which if the lifetime is still good with auto authenticate again. The best way to solve this issue is to make the Access Policy within Workspace ONE Access (VMware Identity Manager) have a policy lifetime of 5 minutes or something very low that fits your use case.
You can make an access policy specific to this app to define a custom lifetime.
I didn't find any reference on the single sign on for mobile wiki for a way to close the vmware identity provider session.
Tested the flow with an iOS app and the login in flow is working fine but because we are using SFAuthenticationSession/ASWebAuthenticationSession there is no easy way to clear the session on the browser. Once the user has gained initial access, it can sign in without prompting the userid/passwd even when i'm starting the flow again with: [tenant_location]/SAAS/auth/device/register.
Also tested with the "prompt:login" additional parameter on register call (Optional on OpenID Connect Specification) and it didn't work
It will be wonderful to have a logout url and a redirect URL for it and to be able to call it from the app, just like the register, activate or oauthtoken urls.
Any thoughts on how to close the session on vmware from an app's call ?