I am using Auth0 as Identity Provider and trying to implement SAML-based, Service Provider-initiated Single Logout (SLO). I send the following LogoutRequest from my service to the Auth0 Identity Provider Login URL, which looks like https://XYZ.auth0.com/samlp/CLIENT_ID:
<?xml version="1.0" encoding="ISO-8859-15"?>
<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                     xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                     ID="request-id"
                     Version="2.0"
                     IssueInstant="2022-08-02T16:44:22Z"
                     Destination="https://XYZ.auth0.com/samlp/CLIENT_ID">
  <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://www.service.com/issuer</saml:Issuer>
  <saml:NameID xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
               Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">user@mail.com</saml:NameID>
</samlp:LogoutRequest>
I expect in response a SAML LogoutResponse message, but I get a SAML Response message instead which seems to be the Authentication Response. Also, the user is not logged out of the Auth0 IdP.
Can someone please help me understand what it is that I am doing wrong?
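A small diagnostic for the symptom described in the question, added here as an example (not code from the original post or from Auth0): it decodes the reply parameter and reports whether the message is a LogoutResponse or an authentication Response, and whether its InResponseTo matches the ID of the LogoutRequest. The function names and the two sample replies are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET
import zlib

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success"

# Constructed sample replies for illustration (not captured from Auth0).
LOGOUT_RESPONSE = (
    b'<samlp:LogoutResponse xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'ID="resp-1" Version="2.0" IssueInstant="2022-08-02T16:44:23Z" '
    b'InResponseTo="request-id"><samlp:Status><samlp:StatusCode '
    b'Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>'
    b'</samlp:LogoutResponse>'
)
AUTHN_RESPONSE = (
    b'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'ID="resp-2" Version="2.0" IssueInstant="2022-08-02T16:44:23Z">'
    b'<samlp:Status><samlp:StatusCode '
    b'Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>'
    b'</samlp:Response>'
)


def decode_saml_param(value, deflated=False):
    """Decode a SAMLResponse parameter that has already been URL-decoded.

    HTTP-POST binding: plain base64. HTTP-Redirect binding: raw DEFLATE, then base64.
    """
    raw = base64.b64decode(value)
    return zlib.decompress(raw, -15) if deflated else raw


def classify_reply(xml_bytes, request_id):
    """Report which SAML protocol message came back and whether it answers request_id."""
    if b"<!DOCTYPE" in xml_bytes:
        raise ValueError("DTDs are not expected in SAML messages")
    root = ET.fromstring(xml_bytes)
    # ElementTree tags look like "{namespace}LocalName".
    ns, _, name = root.tag[1:].partition("}")
    if ns != SAMLP:
        raise ValueError("not a SAML 2.0 protocol message")
    status = root.find(f"{{{SAMLP}}}Status/{{{SAMLP}}}StatusCode")
    return {
        "message": name,
        "is_logout_response": name == "LogoutResponse",
        "answers_request": root.get("InResponseTo") == request_id,
        "success": status is not None and status.get("Value") == SUCCESS,
    }
```

This only classifies the message; the signature on the reply still has to be validated before the service acts on it.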