[IdP Mobile] SLO redirect issue with client certificate

Forge Component
Published on 16 Apr by Telmo Martins
2 votes
Published on 16 Apr by Telmo Martins

We have an issue with the redirect of the SLO request.

When an user logs in, he has to select a client certificate and then fill in his username and password.

When the app isn't closed before the user logs out then SLO request is working as designed. The redirect is working and the LogoutCallback_SystemBrowser block is triggered.

If the user closes the app (not open in background) without logging out, starts the app again and then tries to log out, the redirect isn't working. I see a LogoutResponse in the message log, but the response isn't processed. The user is logged out on Azure AD, his session is killed on IdP but remains logged in on OutSystems.

The only difference with the first scenario is that in the second one the user has to select his client certificate again and in the first he didn't.

How can I make sure the redirects for SLO are working correctly?