By: Praveen Srinivasan user 17 Jan 2022 at 6:31 a.m. CST

4 Responses
Praveen Srinivasan gravatar
Hi Team, Apologies if below query is wrong. Need guidance on configuring GLUU with below scenario. We are trying to call GLUU End Session endpoint with post_logout_redirect_uri. There are certain scenario's where the logout is not happening and not redirecting to the respective portal if we have `allowPostLogoutRedirectWithoutValidation as false` If we have `allowPostLogoutRedirectWithoutValidation as true` everything is working fine. # SAML / OpenID Scenario I have configured A and B app with trusted relationship. I've been calling end_session api to logout and to redirect the user. Our SP doesn't support SAML/OpenID logout request yet. So we are using direct end_session api with post_logout_redirect_uri. (e.g) https://gluuidp.com/oxauth/restv1/end_session?post_logout_redirect_uri=https://mywebsite.com If we have `allowPostLogoutRedirectWithoutValidation as false` then which client we need to add the post logout redirect URI. I've added all Post Logout Redirect URI's in GLUU's default client `IDP client`. When I hit the above URL from A app it is clearing gluu session and redirecting to the A landing page. But when I try to hit the URL from B app, it is throwing below error. Is there a way to redirect the allowed login redirect URI's without validating the GLUU's session? ``` { "error_description": "The provided id token (or access token) or session state are invalid or were issued to another client.", "error": "invalid_grant_and_session" } ```

By Michael Schwartz Account Admin 17 Jan 2022 at 9:44 a.m. CST

Michael Schwartz gravatar
These logout discussion require some engineering. I am referring this to @Davin.Cooke for more business discussion.

By Davin Cooke Account Admin 18 Jan 2022 at 2:45 p.m. CST

Davin Cooke gravatar
Hi Praveen - I sent you an email to your Gmail address. Is this request for a production deployment of Gluu at Versa Networks or for Contus? I'd like to discuss some options to help you move this capability forward through a support contract or with a consulting partner. - Thank you

By Davin Cooke Account Admin 25 Jan 2022 at 11:44 a.m. CST

Davin Cooke gravatar
Hi Praveen. I have not heard from you please let me know if you project has budget to work with a consulting partner. you can email davin@gluu.org

By Praveen Srinivasan user 09 Feb 2022 at 6:19 a.m. CST

Praveen Srinivasan gravatar
Hi Davin, We want to know if gluu will redirect without throwing error if allowPostLogoutRedirectWithoutValidation as false