Logout Endpoint (End-Session)
1. Clear Authentication Session and Cookie
The cidaas server exposes an optional logout endpoint. Redirecting the browser to the logout endpoint clears the authentication session and cookie.
If the requesting client has registered a post logout redirection URI, the cidaas server will redirect the browser to it after the logout confirmation dialog.
The logout (end-session) endpoint is specified in OpenID Connect Session Management 1.0.
2. Web API Overview
Resources:
- /session/end_session
Errors:
- 404 Not Found
- 500 Internal Server Error
3. Resources
3.1 [/session/end_session]
3.1.1 GET
Sends the end-user to log out of the OpenID provider.
Parameters:
- [ access_token_hint ] Previously issued access token passed to the logout endpoint as a hint about the end-user’s current authenticated session with the client. Use of this parameter is recommended.
- [ id_token_hint ] Previously issued ID token passed to the logout endpoint as a hint about the end-user’s current authenticated session with the client. Use of this parameter is recommended.
- [ post_logout_redirect_uri ] URL to which the browser should be redirected after the logout dialog (regardless of whether the end-user agrees or not to log out of the OpenID provider). The URL must be registered in the post_logout_redirect_uris parameter for the requesting client. If an id_token_hint is not included in the logout request, the redirection parameter will be ignored.
- [ state ] Optional state to append to the post logout redirection URL.
Success:
- Code: 200
- Content-Type: text/html
- Body: {A confirmation dialog asking whether the end-user agrees to log out of the OpenID provider}.
Errors:
- 404 Not Found
- 500 Internal Server Error
Example: simple logout request:
GET /session/end_session HTTP/1.1
Host:
Example: logout request with an ID token hint:
GET /session/end_session?id_token_hint=eyJraWQiOiJhb2N0IiwiYWxnIjoiUlMyNTYifQ... HTTP/1.1
Host:
Example: logout request with an access token hint:
GET /session/end_session?access_token_hint=eyJraWQiOiJhb2N0IiwiYWxnIjoiUlMyNTYifQ... HTTP/1.1
Host:
Post Logout URL
Example: logout request with an access_token_hint and post_logout_redirect_uri:
GET /session/end_session?access_token_hint=eyWQiSgOiJhb2N0IiwiYWxnIjoiUlMyNTYifQ...&post_logout_redirect_uri=https:///logouturl HTTP/1.1
Host:
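Client-side sketch of the parameter rules above, added here as an example and not taken from cidaas code: it builds the logout redirect and checks the state when the browser returns. The host names, the token value and the function names are constructed placeholders, and it assumes the server returns the state as a `state` query parameter, as OpenID Connect describes.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

END_SESSION_PATH = "/session/end_session"  # resource path from this page


def build_logout_url(base_url, registered_uris, id_token=None,
                     post_logout_redirect_uri=None):
    """Return (url, state) for a browser redirect to the logout endpoint."""
    params = {}
    state = None
    if id_token:
        params["id_token_hint"] = id_token
    if post_logout_redirect_uri is not None:
        # Without id_token_hint the server ignores the redirect parameter,
        # so fail early instead of leaving the user on the provider's page.
        if not id_token:
            raise ValueError("post_logout_redirect_uri requires id_token_hint")
        # Exact string match against the URIs registered for this client.
        if post_logout_redirect_uri not in registered_uris:
            raise ValueError("post_logout_redirect_uri is not registered")
        state = secrets.token_urlsafe(32)  # unguessable, one per logout
        params["post_logout_redirect_uri"] = post_logout_redirect_uri
        params["state"] = state
    url = base_url.rstrip("/") + END_SESSION_PATH
    if params:
        url += "?" + urlencode(params)
    return url, state


def is_expected_logout_return(callback_url, expected_state):
    """True only if the post-logout redirect carries the state we issued."""
    values = parse_qs(urlsplit(callback_url).query).get("state", [])
    if len(values) != 1 or not expected_state:
        return False
    return hmac.compare_digest(values[0].encode(), expected_state.encode())


if __name__ == "__main__":
    # Constructed sample values; host and token are placeholders.
    landing = "https://app.example.test/logged-out"
    url, state = build_logout_url("https://idp.example.test", {landing},
                                  id_token="ID_TOKEN_PLACEHOLDER",
                                  post_logout_redirect_uri=landing)
    print(url)
    print(is_expected_logout_return(landing + "?state=" + state, state))
```

Keep the returned state in the user's session until the post-logout page has checked it, then discard it.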
4. Errors
404 Not Found
The requested resource doesn’t exist.
Example:
HTTP/1.1 404 Not Found
500 Internal Server Error
An internal server error has occurred. Check the cidaas server logs for details.
Example:
HTTP/1.1 500 Internal Server Error