Ctrl+K

Redirection after logout#

It is possible to designate a page the user will be redirected to after logging out from a Feide service using OpenID Connect (OIDC).

The page is given in the logout request from the service, and must be configured in the configuration on the service in the customer portal.

The implementation conforms to the standard for OpenID Connect RP-Initiated Logout.

The URL to redirect to has to be registered in the customer portal. Edit the service and select the configuration under the “configuration” tab or add a new configuration for a new configuration.

Enter the URL in the “Redirect URI for logout field. You can also press [+ Add URI] and register multiple URLs. Finally, press “Save” at the bottom of the page.

Screenshot of adding redirect URI for OIDC-configuration

Screenshot of adding redirect URI for OIDC-configuration

The logout endpoint can be found as the attribute end_session_endpoint at the discovery endpoint https://auth.dataporten.no/.well-known/openid-configuration.

On logout, the service should redirect the user’s browser to the logout endpoint. Feide will terminate the session for the service, and redirect the browser. The following parameters must be given:

post_logout_redirect_uri:

URL to redirect the user to after logout.

id_token_hint:

ID token that the service received on login. Used by Feide to identify the service, so that it can verify that the redirect URL matches one of those configured.

If wanted, the service can add

state:

if present, Feide will pass it on as a state parameter to the redirect URL.