Replies: 2 comments
-
|
This is not the place to submit feature requests, use https://requarks.canny.io/wiki instead. |
Beta Was this translation helpful? Give feedback.
-
|
@Ma27 your link to passport-saml codebase is related to SLO flow triggered by SP (generating request which triggers SLO processing at IdP). Its quite easy. Hard part is when SP receives SLO request i.e. when IdP propagates SLO triggered by some other SP to (in this case) wikijs. You cannot claim to have SLO support if you don't support all aspects of it. For more info see https://github.com/node-saml/passport-saml/blob/eacbbbb3919ec0cf767f81696f05870eacaae237/README.md#slo-single-logout Prepare to test that case also. |
Beta Was this translation helpful? Give feedback.
-
SLO (Single Logout URL) is a way to logout not only from the SP (== the application that authenticates users via SAML), but also from the IdP (the service it's authenticated against). See also https://www.identityserver.com/articles/the-challenge-of-building-saml-single-logout.
Even though there's no full support for it in passport-saml, it seems as if it's basically doable: https://github.com/node-saml/passport-saml/blob/eacbbbb3919ec0cf767f81696f05870eacaae237/src/strategy.ts#L232
I'd offer myself as tester for that :)
Beta Was this translation helpful? Give feedback.
All reactions