End OpenID Connect session on CyberArk Identity

The client can request the "/endsession" API to end the user session on the CyberArk Identity as below:

POST {tenant_url} /OAuth2/EndSession/{application_id}?post_logout_redirect_uri={post_logout_ur}&state={state} &id_token_hint={id_token}

Post logout from the CyberArk Identity, the user can be redirected to the specified post logout URI.

State parameter can be optionally sent in the end session request. This parameter is returned as the query parameter in the post-logout URI; hence, the RP can use this parameter to validate the response.

👍

Integrate endsession endpoint using CyberArk Identity SDKs

CyberArk Identity provides SDKs to integrate end session endpoint into your applications.

• Android SDK: https://identity-developer.cyberark.com/docs/logout-client-session-from-the-browser

• iOS SDK: https://identity-developer.cyberark.com/docs/integrate-logout-functionality-into-the-app