azure-ad-plugin icon indicating copy to clipboard operation
azure-ad-plugin copied to clipboard

Support Front-channel logout URL

Open stszap opened this issue 10 months ago • 0 comments

What feature do you want to see added?

Hello. I was trying to setup single sign-out in Entra (logout from Microsoft should also terminate session in Jenkins) and configured "/logout" as "Front-channel logout URL" for my Entra application. When I tried to test that I saw that the browser was making a request to the logout URL but without any cookies and the browser probably ignored "set-cookie" header too because of third-party cookie policy or something. That results in a state where a user is logged out from Microsoft but still logged in in Jenkins. Is it feasible to add a logout URL that won't be relying on cookies, but will instead use "sid" request parameter?

I couldn't find any discussions about this and it seems like a basic feature so sorry if it is already implemented and I'm just doing something wrong.

Upstream changes

No response

Are you interested in contributing this feature?

No response

stszap avatar May 22 '25 20:05 stszap