Hello everyone,
Do you know if there's a logout binding please ?
I only have 2 URLs in Atlassian Access :
- 1 for the entity id SP
- 1 for the assertions SP.
None of them seem to do the trick.
Here's what's happening :
1) Atlassian side : When I logout from Jira and try to connect back with another account, I'm reconnected with the first one (as I'm still logged-in in the identity provider). I was quite shocked when it happened.
2) Identity Provider side : If I activate the "front channel logout" option in my identity provider (to force a redirection to the Atlassian site when I logout from the identity provider) and enter one of the URL, I get a "not found" message or a "can't connect" one (obviously as it's the login callback). So, I can't logout anymore.
There's no logout binding from any side.
All I can do to really logout is to logout from both the Atlassian side and the Identity Provider side (without a redirection / Front Channel Logout option), so that a new connection to the Atlassian site would redirect me to the Identity Provider, where I'm not authentified.
Security-wise, I don't know what to think about that, as there will be thousands of users on this Jira site.
Am I maybe missing something here ?
Thanks a lot in advance for any kind of help, I know it's not an easy topic but you might be a real life saver =).
Kind regards,
Dylan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.