(Optional) Enable signed logout requests

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 1분

    • Some IdPs require the Service Provider to sign logout requests with a certificate.

    시작하기 전에

    Role required: sso_config_admin, business_rule_admin, script_include_admin

    이 태스크 정보

    If your IdP requires signed logout requests, use the IdP's metdata to set the following system properties.

    프로시저

    1. In the Advanced tab, from the property Sign LogoutRequest. Set this property to true if the Identity Provider's SingleLogoutRequest service requires signed LogoutRequest, select Yes to specify that your IdP requires a signed logout request, or select No to use unsigned logout requests.
    2. If you selected Yes to Sign LogoutRequest, then in The protocol binding for the Identity Provider's SingleLogoutRequest service. (Value can be either "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" or "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST".) property, enter the one of the supported values listed in Binding attribute from the SingleLogoutService element.

      By default, the integration uses an HTTP-Redirect binding.

    3. Click Update.
    4. Install a Service Provider (SP) key store.