Skip to content

Feature Request: Support End Session (and Generic External User-Agent requests) #374

Description

@WilliamDenniss

NB. I don't personally have this requirement, creating this issue to serve as the canonical thread for this common feature request.

On AppAuth for iOS, we made two recent changes in support of the OpenID End Session (RP Logout) endpoint, as follows:

1/ Generalized the External User-Agent request logic

Previously we had just one external user-agent request, so all the APIs related to opening that request in the browser, and the various associated logic were specific to that one request. We generalized those APIs so as to support any external user-agent request, so now Authorization Request was just a specialization of that (enabling the End Session Request to be as well).

2/ Implemented the End Session logout endpoint.

We implemented the specification documented by Section 5 of Draft 28 of OpenID Connect Session Management 1.0. Note: be sure to use that document, as there are some out-dated, and duplicative drafts floating around (Front-Channel logout for example has duplicated, and out of sync, information).

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions