You can end the CyberArk Identity browser session when users log out of a federated application, with the option to redirect users to a pre-determined URL. This is relying party initiated logout, as described in the OIDC spec here.
post_logout_urlis not used, CyberArk Identity redirects users to
/, resulting an HTTP response 302 Found.
statequery parameter is passed to the relying party when users are redirected with
id_token_hintis accepted, but not utilized. Session information in the cookie is used to destroy the session.
The response indicates 302 Found if the session was successfully destroyed and the user redirected.
HTTP/1.1 302 Found Location: https://www.mycompany.com
Updated about 1 year ago