CanSloAsync returns false


I’m using your examples for my IDP and the SP.
I’m trying to use the SLO but the method always returns false.

My C# code is like:

var ssoState = await _samlServiceProvider.GetStatusAsync();

if (await ssoState.CanSloAsync())
// Request logout at the service provider(s).
await _samlServiceProvider.InitiateSloAsync(relayState: url);
return new EmptyResult();
return new SLOResult() { UrlToRedirect = url};

As far as I read, it can happen when there is no configuration in the SP side, but my configuration is:

“Configurations”: [
“LocalServiceProviderConfiguration”: {
“AssertionConsumerServiceUrl”: “<a href=“http://localhost:47952/Saml2/Acs",">http://localhost:47952/Saml2/Acs”,
“Description”: “Service Provider”,
“Name”: “<a href=“”,”>”,
“SingleLogoutServiceUrl”: “<a href=“http://localhost:47952/Saml2/SingleLogoutService””>http://localhost:47952/Saml2/SingleLogoutService"
“PartnerIdentityProviderConfigurations”: [
“Description”: “myCompany IDP”,
“Name”: “<a href=“”,”>",
“SingleLogoutServiceUrl”: “<a href=“",">”,
“SingleSignOnServiceUrl”: “<a href=“””>

Also, I’ve enabled the trace log, and the only message that I have when I call this endpoint is:

2020-10-05 15:46:15.812 +01:00 [DBG] The SSO session ID SESSION-ID has been saved to the saml-session cookie.
2020-10-05 15:46:15.814 +01:00 [DBG] SSO session state is being initialized.
2020-10-05 15:46:15.816 +01:00 [DBG] SSO session state for saml-session-SESSION-ID-SamlState is being saved to the distributed cache.

Is there another place that I can check?

Thank you very much

We use a saml-session cookie to maintain SAML session state including whether SLO is permitted.

This saml-session cookie is marked as Secure which means you should use HTTPS endpoints throughout your application. I see in your configuration you have HTTP endpoints. Please switch to HTTPS and try again.

The examples we ship use HTTPS and CanSloAsync correctly returns true.

Thank you very much.
Changed to https solved the issue.

Thanks for the update.