How to implement federated session timeout


I have made SSO and SLO working already using the example codes you have.
It seems that there is no example implementation for timeout.

Is there are way that the library knows all of the session state of the Service Providers so if any one of them is still alive but one of them times out, we can just skip killing the session for that SP that timed out.

Demy Oliver

Hi Demy
This isn’t supported by the SAML specification.
If a service provider receives a logout request and the user is no longer logged in, it should still return a logout response to the identity provider so the SLO flow can complete successfully.