This issue has been created
There is 1 update.
 
 
OpenId Connect / cid:jira-generated-image-avatar-bb9d7189-076d-460d-8448-ad65951640de OIDC-236 Open

Add the option to skip the ID Token from the logout request
 
View issue   ยท   Add comment
 

Issue created

 
cid:jira-generated-image-avatar-1266afc4-2827-480d-80e8-de9ac5467c75 Sorin Chiuchiu created this issue on 02/Jun/25 10:18
 
Summary: Add the option to skip the ID Token from the logout request
Issue Type: cid:jira-generated-image-avatar-bb9d7189-076d-460d-8448-ad65951640de Improvement
Assignee: Unassigned
Attachments: logout-error.png
Components: Authenticator, Configuration
Created: 02/Jun/25 10:18
Priority: cid:jira-generated-image-static-major-45c24cef-165f-4c04-bb1c-e17bd33db945 Major
Reporter: Sorin Chiuchiu
Description:

While in the Open ID connect specs it's recommended to use the ID Token in the logout request, in the Microsoft v2.0 protocol, the ID Token hint is not needed for sign out. Adding it may actually cause logout errors to the users like:

AADSTS90015 Requested query string is too long.

I suggest adding a new configuration option that allows the user to skip the id_toke_hint from the logout request.
 
 

1 update

 
cid:jira-generated-image-avatar-1266afc4-2827-480d-80e8-de9ac5467c75 Changes by Sorin Chiuchiu on 02/Jun/25 10:19
 
Assignee: Sorin Chiuchiu
 
 
This message was sent by Atlassian Jira (v9.3.0#930000-sha1:287aeb6) Atlassian logo
If image attachments aren't displayed, see this article.