-
assigned issue to
Session 5 - Add "state" parameter to RP-initiated logout messages
Issue #927
resolved
There is currently no way to maintain state between the time that an RP initiates a logout and the RP site is redirected to after the logout. Like the OAuth “state” parameter, this would be passed to the end_session_endpoint as an optional query parameter, and if present, would be passed back with the same value to the post_logout_redirect_uri endpoint.
RP-initiated logout is defined at http://openid.net/specs/openid-connect-session-1_0.html#RPLogout.
Comments (2)
-
reporter -
reporter - changed status to resolved
Fixed
#927- Added "state" parameter to RP-initiated logout messages→ <<cset 4d9804320930>>
- Log in to comment
Doing this was approved on the 14-Jul-14 call.