Logout Failing - No active session(s) found matching LogoutRequest

Nate Klingenstein ndk at signet.id
Fri Oct 22 07:18:43 UTC 2021

> https://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf

If you look at 2.2.2, you'll see that the IdP's defaulting is per the specification.  The SP cannot expect its logout functionality to work unless it's dealing only with unspecified NameID's or IdP's that are not spec-compliant, which is a harrowing thought.

More information about the users mailing list