Can the REST API "/oauth2/v1/userlogout" log out of a SAML-authenticated SSO session?
Background:
I am working on SSO integration between IAM (as SP) and Okta (as IDP) that is a customer authentication platform, using the SAML protocol.
Requirement:
Customer would like to implement IDP-initiated single logout, but Okta does not seem to support it.
Currently, we are considering logging out using an API from Okta to IAM as a workaround.
Question:
Can we use the Log Out API "/oauth2/v1/userlogout" to log out the session of a specific user authenticated by SSO?
I was not sure whether the parameter "id_token_hint" could be used or not.
Reference:
https://docs.oracle.com/en/cloud/paas/iam-domains-rest-api/op-oauth2-v1-userlogout-get.html