googleads
Implementing Single LogOut using OneLogin SAML
Standard Technical Web Development

Implementing Single LogOut using OneLogin SAML

In my last blog, I have explained the implementation of Single Sign-on(SSO) using OneLogin SAML. Probably you should have gone through the previous blog about Single Sign- in. Now, we are going to focus on implementing Single Logout using OneLogin SAML. Well, I have skipped some of the basic steps that are common to both processes which I had already explained on the previous blog.  So it would be easier for both of us to go with the flow if you can refer the previous one. If not, please check it out here.

As the name indicates, it is all about log out. The Single Logout (SLO) enables a user to log out simultaneously from all the applications in a created session. Besides, we know that OneLogin supports both SP-initiated Single Logout and IdP-Initiated Single Logout.

SP-Initiated Single Logout :

 

If we logged out of our application then automatically the Idp (Onelogin) account will be logged out.

In case, if you are new to Onelogin. Here You Go

IdP-Initiated (SLO) Single Logout using OneLogin:

 

if we logged out of IdP, then it will clear the session and automatically you will get logged out from all the applications.

First, Let us implement the client side part.

Method 1

 

This method will generate and send a SAML(Security Assertion Markup Language)  Logout Request to the IdP. Now, the IdP will authenticate the request and will send the response back.

 

Method 2

 

This method will process the response sent by IdP as a reply to proceed logout request. So, here we have to verify and validate the request to delete our sessions that lead to log out of all the applications.

 

Method 3

The above two methods will handle the SP initiated log out, and the below method will handle the IdP initiated log out. First, the IdP will send the logout request then our method will validate the request & clears the session and sends the response back to IdP.

Initially, the IdP will send the logout request. Later, our method will validate the request & clear the session then sends the response back to IdP.

 

 Another way to handle all the methods in single common method

 

Method 4

All the above methods could be handled in a single common method as follows. Finally, give this URL as an SLO URL in one login connector.

 

 The client-side part is finished. Now, we have to add the SLO URL in OneLogin connector then finally save it.

 

Now you can test the SP initiated log out and IdP initiated log out.

Successfully you will be logged out from all the application.

Conclusion

Hope now you have a clear idea about the implementation of SSO and SLO. For doubts or queries, please comment below. And if you are looking forward to more technical blogs about web development and mobile app development follow Agira Technologies a fast growing IT company, exploring upcoming technologies and exposing everything to help the right people at right time. For more queries always reach us.  We love to hear from you!

The following two tabs change content below.

One thought on “Implementing Single LogOut using OneLogin SAML”

Leave a Reply

Your email address will not be published. Required fields are marked *