We are the IdP and I am currently configuring IdP-initiated logout. When the user hits the logout button, I check ssoState.CanSloAsync() and then redirect to InitiateSingleLogout in my controller, where I call await _samlIdentityProvider.InitiateSloAsync(relayState: returnUrl).
Our SP configurations are in our CRM database, and we have a setting called “Exclude from IdP Logout Sequence”, as some of our SPs don’t support IdP-initiated logout. Is there a way to access the individual SPs BEFORE the logout request is created and essentially skip them?
I am already utilizing the OnLogoutRequestCreated and OnSendMessage Provider Events to implement some custom logging for each SP logout request. Can I somehow use OnLogoutRequestCreated to skip an SP logout request if they should be excluded? Or is there another event I can use?
I’d prefer to use the high-level InitiateSloAsync if possible.
Thank you
If you don’t want an SP to participate in IdP-initiated logout, set the PartnerServiceProviderConfiguration.DisableOutboundLogout flag to true.