SAML SSO question ( auth0 as IDP, apache-Mellon as SP)

Hi @vitalyk !

Thanks for sharing! - There is every indication that the slo_enabled set to true works this way: once the SP initiates the logout, the user is also logged out from the upstream IdP (Auth0 in your case).

(Thus you would learn more about the current behavior by tracing the SP’s log out, especially if you can see that after the SP receives the logout response, the response is also sent to the IdP so the session is terminated there as well :slight_smile: )

In your SAML settings, please change the slo_enabled to false and verify if the flow is as intended. (And please let us know results!)

Ref.

Single Log Out or SLO: Signing a user out of the upstream identity provider and any other applications they are signed in to. This is only available in the context of SAML interactions.

Feel free to ask follow-up questions if there are any!