Configuring Single Logout

If your service provider supports single logout ("SLO"), you can configure the application so that when your users log out of the application, they are also logged out of the Centrify Admin Portal.

To configure SLO, enter the Single Logout URL provided by your service provider on the Trust page under Service Provider Configuration > Manual Configuration > Single Logout URL.

Note:   If you are configuring single logout in the B2B app, you must include the nameID attribute in the SAML response to facilitate SAML SP and IdP logout. Without the nameID attribute, only the Centrify tenant will be logged out, not the IdP.

With SLO configured, signing out of the application sends a logout request to the Privileged Access Service at the Identity Provider Logout URL (an automatically generated URL). The Privileged Access Service validates the request and returns a logout response to the service provider at the Single Logout URL.