seyfeb
commented
8 months ago I would also like to see support for id_token_hint (if there is none).
However you can keep using the post_logout_redirect_uri and add a second GET parameter named client_id, which is the id of your oidc client.
So in the Social Login plugin you may set the Logout URL (optional) field to something like https://cloud.domain.com/realms/myrealm/protocol/openid-connect/logout?post_logout_redirect_uri=https%3A%2F%2Fcloud.domain.com&client_id=nextcloud-client
I tested this at least for Keycloak other providers may behave differently.
Hello everyone!
I've got a problem, I am using keycloak as IDP and can login etc. with it for nextcloud. When logging out I need to confirm my logout on the site of keycloak. Also redirect_uri ist not working for me, not even with '*' on Valid post logout redirect uris in keycloak. Keycloak is writing about the old logout and new logout mechanism: https://github.com/keycloak/keycloak-documentation/blob/main/securing_apps/topics/oidc/java/logout.adoc https://openid.net/specs/openid-connect-rpinitiated-1_0.html
That one is working with post_logout_redirect_uri and id_token_hint. Is there any possibility to use this method to logout with your nextcloud plugin? I can set the post_logout_redirect_uri GET param, but I can not set that id token ofc....
Hope somebody can help me, thank you for your time and effort! Have a good one :)