Hello,
Has anyone had luck with implementing SLO between Auth0 IdP and Salesforce SP? I have issues with Salesforce SLO endpoint rejecting Logout Requests sent by Auth0 with the generic error:
Logout Error
We are unable to log you out. Please contact your administrator for more information.
Logout Request has valid SessionIndex and NameID which match one from a Login Response:
<samlp:LogoutRequest xmlns:samlp=“urn:oasis:names:tc:SAML:2.0:protocol”
ID="_d1835e3e40db6ae345f3" Version="2.0" IssueInstant="2019-09-17T22:27:52Z" Destination="https://test.cs51.my.salesforce.com/services/auth/sp/saml2/logout" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" > <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">urn:sso.test.com</Issuer> <NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" >test@test.com</NameID> <samlp:SessionIndex>_FhGZ1-k66dhoeWAb4wKpGUDqyStFGY4V</samlp:SessionIndex></samlp:LogoutRequest>