OpenID connect plugin Front-channel Logout URL is not working in Moodle 4.5 #2705
Comments
|
After some investigation, we concluded that what you want to achieve is not how front-channel logout URL is designed for. In short, when a Microsoft user logs out from the Microsoft account, Entra ID does not trigger a request to all the front-channel logout URLs configured in all Azure apps in the tenant. Instead, it will only call the front-channel logout URL from the user session where the logout action is initiated. Consider this scenario:
We did find a related bug while investigating this issue, in which Moodle only stores the sid from the latest login. As a result, in step 5 of the scenario above, Moodle user logout would work if the user logs out of Microsoft from browser session 2, but it wouldn't work for browser session 1 because the sid would have been overwritten. A solution has been provided in the PR linked to this issue. Regards, |
I have configured OpenID connect plugin in my moodle site. Also had set
"PostLogoutUris": [ "/auth/oidc/logout.php" ],in appsettings for single sign out. But when I log out from extremal site( developed in .net) which is using same SSO, moodle site is not getting logged out.Any suggestions?
I am a dot net developer. Not much experience in PHP .
The text was updated successfully, but these errors were encountered: