OpenID Back-Channel Logout implementation

Feature: Openid Back-Channel Logout implementation

Description: implement Final: OpenID Connect Back-Channel Logout 1.0

This was already asked back in 2018 by another user, but never answered: Single Sign Out: OpenID Connect draft specs (front/back channel) availability dates ?

Use-case: I need the authorization-server (Auth0) to notify a list of registered OAuth2 clients (server-side rendered UI and BFF) that a user session was terminated (logout event) to cascade this session invalidation to their own sessions.

Hey there!

Thanks for creating this feedback card! Make sure to upvote it so that it attracts as much attention from other users as possible. We review those feedback cards on a monthly basis and will get back to you as soon as we have any updates to share!

@konrad.sopala done. Hope this will be enough to attract attention from Auth0 product owners too as it is, as far as I could find from the doc, a missing OpenID feature.

Thanks for doing that!

I’m trying to implement the backchannel logout feature. Is there anyway to generate the logout_token for testing? Get a logout_token on the Dashboard>Application>Sessions page would be helpful.

Unfortunately there isn’t but once it gets some attraction among community users it should catch our Product team attention.

1 Like

Hey there Folks!

Got some happy update for you. Our engineering team has this item in their backlog as part of our general access scopes. Once we have more public updates on that front I’ll make sure to relay it!

Great!

I am drafting Back-Channel Logout implementations for Spring webmvc and webflux OAuth2 clients. I’ll share it here as soon as the feature is available.

I just released the 6.1.3 version of my libs.

It contains implementations of client side Back-Channel Logout for both servlet and reactive applications.

Those implementations are activated by thin wrappers around spring-boot-starter-oauth2-client which come with other useful features (and are off course compatible with Boot 3 and Auth0).

I could try the Back-Channel Logout with Keycloak. Can’t wait to try it with Auth0 too.

2 Likes

Thanks for sharing that with the rest of community! As soon as we have some updates on that front we’re make sure to relay it here!

We are interested in this feature. Could you please provide us with an estimated timeline for its implementation? Also, could you confirm whether it’s currently included in the project roadmap or is it still pending in the backlog?

1 Like

Any updates on how to test backchannel logout?