In this example we’ve configured an application to allow single sign-on (SSO) for Active Directory users through ADFS. Non-Active Directory users (external to the organization) are configured to use a third-party STS. In this case we’re using Thinktecture Identity Server as the third-party provider.
The first step is to add a SAML Logout endpoint to the application’s relying party trust configuration in ADFS. In the Endpoints tab, click Add, select an endpoint type of SAML Logout, set Binding = POST, then enter your logout URL: https://<youradfsserver>/adfs/ls/?wa=wsignout1.0
In your application you simply need to add the logout URL as a link for the end user to select:
<a id="A3" href="https://<youradfsserver>/adfs/ls/?wa=wsignout1.0">Logout</a>
When Active Directory users are logged out they are automatically directed to this standard ADFS Sign-Out page.
When external users are logged out they are automatically directed to their provider’s Sign-Out page.
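The same endpoint can be added from PowerShell on the ADFS server instead of the Endpoints tab. This is an added example, not part of the original post; the relying party name MyApp and the host name youradfsserver are placeholders, and it assumes the ADFS PowerShell module is available. Because Set-AdfsRelyingPartyTrust -SamlEndpoint replaces the whole endpoint list, the script reads the existing endpoints first and appends the logout endpoint to them.

```powershell
# Added example: script the "SAML Logout / POST" endpoint described above.
# $rpName and $adfsHost are placeholders; substitute your own values.
$rpName    = 'MyApp'
$adfsHost  = 'youradfsserver'
$logoutUri = "https://$adfsHost/adfs/ls/?wa=wsignout1.0"

$rp = Get-AdfsRelyingPartyTrust -Name $rpName
if (-not $rp) {
    throw "Relying party trust '$rpName' not found."
}

# Keep every endpoint already configured (assertion consumer, etc.).
$existing = @($rp.SamlEndpoints)

# Skip the change if a SAML Logout endpoint with POST binding is already present.
$present = $existing | Where-Object {
    $_.Protocol -eq 'SAMLLogout' -and $_.Binding -eq 'POST'
}

if ($present) {
    Write-Output "SAML Logout (POST) endpoint already configured for '$rpName'."
}
else {
    $logout = New-AdfsSamlEndpoint -Binding 'POST' -Protocol 'SAMLLogout' -Uri $logoutUri
    # Pass the full list: existing endpoints plus the new logout endpoint.
    Set-AdfsRelyingPartyTrust -TargetName $rpName -SamlEndpoint ($existing + $logout)
    Write-Output "Added SAML Logout (POST) endpoint to '$rpName'."
}

# Verify the resulting endpoint list.
(Get-AdfsRelyingPartyTrust -Name $rpName).SamlEndpoints |
    Format-Table Protocol, Binding, Location -AutoSize
```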