Some IdPs require the Service Provider to sign logout requests with a
certificate.
Before you begin
Role required: sso_config_admin, business_rule_admin, script_include_admin
About this task
If your IdP requires signed logout requests, use the IdP's metadata to set the
following system properties.
Procedure
- In the Advanced tab, from the property "Sign LogoutRequest. Set this
  property to true if the Identity Provider's SingleLogoutRequest service
  requires signed LogoutRequest", select Yes to specify that your IdP
  requires a signed logout request, or select No to use unsigned logout
  requests.
- If you selected Yes to Sign LogoutRequest, then in the property "The
  protocol binding for the Identity Provider's SingleLogoutRequest service.
  (Value can be either "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" or
  "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST".)", enter one of the
  supported values listed in the Binding attribute of the
  SingleLogoutService element.
  By default, the integration uses an HTTP-Redirect binding.
- Click Update.
- Install a Service Provider (SP) key store.
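
The binding value for the second step can be read directly from the IdP metadata. The following is an added example, not part of the original documentation: it lists the SingleLogoutService endpoints in a metadata document and picks a binding the property accepts. The sample metadata, the idp.example.test host and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD_NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
SUPPORTED = (REDIRECT, POST)  # Redirect first: it is the integration's default

# Constructed sample metadata (idp.example.test is a placeholder IdP).
SAMPLE_METADATA = """<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
                     entityID="https://idp.example.test/metadata">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleLogoutService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
        Location="https://idp.example.test/slo/soap"/>
    <md:SingleLogoutService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://idp.example.test/slo/post"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def slo_endpoints(metadata_xml):
    """Return (Binding, Location) for every IdP SingleLogoutService element."""
    # Metadata never needs a DTD; refusing one avoids entity-expansion tricks.
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        raise ValueError("metadata with a DTD is refused")
    root = ET.fromstring(metadata_xml)
    path = ".//md:IDPSSODescriptor/md:SingleLogoutService"
    return [(e.get("Binding"), e.get("Location")) for e in root.iterfind(path, MD_NS)]


def choose_binding(metadata_xml):
    """Pick the value to enter in the protocol binding property."""
    offered = dict(slo_endpoints(metadata_xml))
    for binding in SUPPORTED:
        if binding in offered:
            return binding, offered[binding]
    raise LookupError("IdP offers no HTTP-Redirect or HTTP-POST logout endpoint")


if __name__ == "__main__":
    print(choose_binding(SAMPLE_METADATA))
```

Here the IdP advertises SOAP and HTTP-POST only, so the default HTTP-Redirect binding would not match and HTTP-POST is the value to enter.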