Forums, Documentation & Knowledge Base - ComponentSpace

Understanding SLO


https://componentspace.com/forums/Topic11907.aspx

By Arno - 11/22/2021

Morning,
I'm a complete newbie to SAML, so sorry for any strange or stupid questions...

I configured the SSO, which is working fine and most importend: I understand what I did ;)
But I do not understand how to set the right parameters for the SLO?
For the SSO- configuration I set the SingleSignOnServiceUrl (IdP)  as the URL to which the SAML-InitiateSSO call is sent. The AssertionConsumerServiceUrl (SP) is used to handle the response of the IdP.
For the SLO-configuration I set the SingleLogoutServiceUrl as the URL to which the InitiateSLO is sent, but how do I tell the system (or how does the IdP knows) to which page the response must be sent, so I can call ReceiveSLO?

Hope you can help me.

Arno

By ComponentSpace - 11/23/2021

The <PartnerIdentityProvider> SingleLogoutServiceUrl is where SAML logout messages are sent to the partner IdP.

The single logout service endpoint in your SP app is where SAML logout messages are received from the partner IdP. This URL would be configured at the IdP but there's no configuration in your SP for this endpoint. In other words, there isn't a <ServiceProvider> SingleLogoutServiceUrl.