Readers
Logout is a typical requirement in Single Sign-On world. In the interest of today's post, PingFederate can perform SAML single logout or individual adapter logout and I will talk about these topics in detail in separate post.
It is also a common requirement to be able to redirect user to login page post logout. Today, I will explain the PingFederate capabilities to redirect user to different url post SAML logout.
PingFederate SAML logout end-point is https://<>/startSLO.ping, and t his URL will perform SAML single logout.
TargetResource parameter should be appended to logout URL to redirect the user to login page or to land onto different page.
https://<>/idp/startSLO.ping?TargetResource=https://<>
This TargetResource should be whitelisted as shown below.
Add the new <> under Security -> Redirect Validation section by specifying the domain name as abc.domain.com and select TargetResource for SLO and Other checkbox. This setting should be added only when ENABLE TARGETRESOURCE VALIDATION check box is enabled for SLO AND OTHER OPTION.
Without whitelisting the redirect URL, you will see below error
Logout is a typical requirement in Single Sign-On world. In the interest of today's post, PingFederate can perform SAML single logout or individual adapter logout and I will talk about these topics in detail in separate post.
It is also a common requirement to be able to redirect user to login page post logout. Today, I will explain the PingFederate capabilities to redirect user to different url post SAML logout.
PingFederate SAML logout end-point is https://<
TargetResource parameter should be appended to logout URL to redirect the user to login page or to land onto different page.
https://<
Without whitelisting the redirect URL, you will see below error