Overview#
Logout Mechanism is an implementation of a Logout ProcessLogout Mechanisms may differ in the following:
- Whether logout is reliable or best-effort
- Whether only application is logged out or also the Identity Provider (IDP)
- Whether only web applications are logged out or also Native applications
- Which state is revoked/cleared by logout and which is not
- cookies
- Access Tokens
- Refresh Tokens
- Tokens
- HTML5 local state
- We are sure there are more
OpenID Connect supports three Logout Mechanisms:#
- OpenID Connect Session Management 1.0
- OpenID Connect Front-Channel Logout 1.0
- OpenID Connect Back-Channel Logout 1.0
SAML V2.0 also had multiple Logout Mechanisms