-
assigned issue to
Michael Jones
Session 5 - Add "state" parameter to RP-initiated logout messages
Issue #927
resolved
There is currently no way to maintain state between the time that an RP initiates a logout and the RP site is redirected to after the logout. Like the OAuth “state” parameter, this would be passed to the end_session_endpoint as an optional query parameter, and if present, would be passed back with the same value to the post_logout_redirect_uri endpoint.
RP-initiated logout is defined at http://openid.net/specs/openid-connect-session-1_0.html#RPLogout.
Comments (2)
-
reporter
-
reporter
- changed status to resolved
Fixed
#927- Added "state" parameter to RP-initiated logout messages→ <<cset 4d9804320930>>
- Log in to comment
- Assignee
- Type
- Priority
- Status
- resolved
- Component
- Session
- Milestone
- Implementer's Draft
- Version
- –
- Votes
- 0
- Watchers
- 0
Doing this was approved on the 14-Jul-14 call.