Aspnetcore: Back-channel logout support for OpenIdConnect?
There is a default endpoint for front-channel signout: signout-oidc
Is there a plan to include a similar endpoint for back-channel signout in 2.1 release?
Spec: http://openid.net/specs/openid-connect-backchannel-1_0.html
Thank you.
D3MaxT
All 7 comments
No plans for this at the moment, most 2.1 feature work is already done.
The middleware couldn't implement a back channel by itself. The front channel sign out removes the user's cookie. The back channel couldn't, it would have to track sessions and invalidate them so that next time the user presents the cookie it would be rejected. Identity has features like this but it requires plugging into the cookie auth handler to enforce them.
Tratcher
on 1 Apr 2018
Thank you for the response.
D3MaxT
on 1 Apr 2018
We have a super simple sample that shows mechanics here: https://github.com/IdentityServer/IdentityServer4.Samples/tree/release/Clients/src/MvcHybridBackChannel
brockallen
on 1 Apr 2018
Awesome!
Thank you Brock!
D3MaxT
on 1 Apr 2018
Parking in Backlog until we see sufficient interest in this. This would be a fairly costly feature for us to implement.
Eilon
on 7 Apr 2018
@brockallen this link is dead do you have an updated link?
LindaLawton
on 4 Sep 2019
@LindaLawton
example is here now
damienbod
on 4 Sep 2019
Related issues
guardrex
路
3Comments
UweKeim
路
3Comments
groogiam
路
3Comments
mj1856
路
3Comments
snebjorn
路
3Comments
Most helpful comment
We have a super simple sample that shows mechanics here: https://github.com/IdentityServer/IdentityServer4.Samples/tree/release/Clients/src/MvcHybridBackChannel