ADFS/Azure logout?
Bryan K. Walton
bwalton+1573850983 at leepfrog.com
Wed Jun 9 15:47:25 UTC 2021
We are a Shibboleth SP and we are trying to turn on logout from an
Azure IdP. The logout url provided to us is actually the same as
their Login URL. It appears that ADFS/Azure IdPs are doing a logout via
a SAML transaction.
I find that if we just redirect our application to that url, following
our Shibboleth.sso/Logout, using the format:
/Shibboleth.sso/Logout?return=<azure logout url>
we get an error:
"AADSTS750054: SAMLRequest or SAMLResponse must be present as query
string parameters in HTTP request for SAML Redirect binding."
I'm looking at these pages:
https://wiki.shibboleth.net/confluence/display/SP3/Logout
https://wiki.shibboleth.net/confluence/display/SP3/ADFS+SingleLogoutService
Can anybody provide some tips for how we can use this logout url? I
tried adding the following to our shibboleth2.xml file, but the problem
remained:
<OutOfProcess>
<Extensions>
<Library path="adfs.so" fatal="true"/>
</Extensions>
</OutOfProcess>
Thanks,
Bryan
--
Bryan K. Walton 319-337-3877
Linux Systems Administrator Leepfrog Technologies, Inc
More information about the users
mailing list