Your SP is responsible for the local login/logout of the user.
You need to configure a SAML logout endpoint for your relying party in ADFS.
The URL is the endpoint in your application to receive SAML logout messages.
We recommend specifying the HTTP-Redirect binding but HTTP-Post may be used instead.
In your saml.config, you'll need to configure the SingleLogoutServiceUrl, which is the ADFS endpoint that receives SAML logout messages.
The endpoint is the same URL as that of the SingleSignOnServiceUrl.
When ADFS initiates SLO, at your SAML logout endpoint you should call SAMLServiceProvider.ReceiveSLO to receive and process the logout request.
Your application should then log out the user locally before calling SAMLServiceProvider.SendSLO to create and send a logout response to ADFS.
The following section of code is from the ExampleServiceProvider and demonstrates this.
In this example, forms authentication is used but the logout method is application specific.
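
    // Output values populated by ReceiveSLO.
    bool isRequest = false;
    string logoutReason = null;
    string partnerIdP = null;
    string relayState = null;

    // Receive and process the SAML logout message sent by ADFS.
    SAMLServiceProvider.ReceiveSLO(Request, out isRequest, out logoutReason, out partnerIdP, out relayState);

    if (isRequest)
    {
        // Log out locally.
        FormsAuthentication.SignOut();

        // Respond to the IdP-initiated SLO request indicating successful logout.
        SAMLServiceProvider.SendSLO(Response, null);
    }
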
You'll find more information in our ADFS Relying Party Integration Guide.
https://www.componentspace.com/Forums/9358/ADFS-Integration-Guides
Regards
ComponentSpace Development