LogoutResponse StatusCode of AuthnFailed using InitiateSloAsync

Hi,

Using Version 2.0.2.0, I am implementing an SP Initiated SLO using the example solution as a template. The logout response that I receive from the IdP (Okta) is indicating AuthnFailed. Am I supposed to be providing a signature with the LogoutRequest? If so, I don’t see anything in the API that allows me to do so. InitiateSsoAsync seems to sign the AuthnRequest, whereas InitiateSloAsync does not sign the LogoutRequest. This is despite the fact that I have WantAssertionOrResponseSigned set to true in the SAML Configurations. Is there a way for me to sign the LogoutRequest that gets sent via InitiateSloAsync? Otherwise, is there anything else I should be looking at to figure out why I would get AuthnFailed as part of my LogoutResponse?

Thanks,
Mike

Hi Mike
In your SAML configuration, you set SignLogoutRequest and SignLogoutResponse to true to sign the logout request and response respectively.
For example:

“Name”: "<a href=“http://www.okta.com/exkch8syaa6hDqAJQ0h7",">http://www.okta.com/exkch8syaa6hDqAJQ0h7",</a><br/>"Description”: “Okta”,
“SignAuthnRequest”: true,
“SignLogoutRequest”: true,
“SignLogoutResponse”: true,
“SingleSignOnServiceUrl”: "<a href=“https://componentspace.oktapreview.com/app/componentspacedev527539_exampleserviceprovider_4/exkch8syaa6hDqAJQ0h7/sso/saml",">https://componentspace.oktapreview.com/app/componentspacedev527539_exampleserviceprovider_4/exkch8syaa6hDqAJQ0h7/sso/saml",</a><br/>"SingleLogoutServiceUrl”: "<a href=“https://componentspace.oktapreview.com/app/componentspacedev527539_exampleserviceprovider_4/exkch8syaa6hDqAJQ0h7/slo/saml",">https://componentspace.oktapreview.com/app/componentspacedev527539_exampleserviceprovider_4/exkch8syaa6hDqAJQ0h7/slo/saml",</a><br/>"PartnerCertificates”: [
{
“FileName”: “certificates/okta.cer”
}
]

Thanks for the update. I’m glad that got it working.