FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    Can Single Log Out be done for specific users?

    Scheduled Pinned Locked Moved
    General Discussion
    2
    4
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      ken.gunadi
      last edited by

      Hi,

      I have specific questions about the single logout behavior in Fusion Auth, would really appreciate any input/hints.

      Questions:

      1. Does FusionAuth's Single Logout blindly call the Logout URL for all Applications, regardless of whether the user who is logging out is registered only for a subset of the list of Application?
      • i.e: if I have 2 applications in FusionAuth (A and B), if a user is only registered for app A, when that user logs out from A, will app B's logout URL be called?
      1. Is there a way to pass the identity of the user who is logging out to the Logout URLs of the Application?

      Some more background info below.

      I have 2 systems involved:

      1. An proprietary software (A)
      2. An external system (B)

      FusionAuth is currently acting as IDP for system A.

      Goal is to let user log in to our proprietary system (A), and then user will also be able to access the external system (B). At the same time, I want user who logs out from A also got logged out from B.

      However, not all users will be associated/registered for B.
      All users will by default be registered with A.

      I created 2 Applications inside FusionAuth to represent A and B, and set the logout behavior to be "All Application".

      For B's Application, in FusionAuth I set the Logout URL to some URL.

      Thank you again for any inputs!

      danD 1 Reply Last reply Reply Quote 1
      • danD
        dan @ken.gunadi
        last edited by

        @ken-gunadi said in Can Single Log Out be done for specific users?:

        Does FusionAuth's Single Logout blindly call the Logout URL for all Applications, regardless of whether the user who is logging out is registered only for a subset of the list of Application?

        i.e: if I have 2 applications in FusionAuth (A and B), if a user is only registered for app A, when that user logs out from A, will app B's logout URL be called?

        Yes, if you specify all applications as you mentioned you did. The alternative is to set the logoutBehavior to RedirectOnly which does not call the logout of all applications.

        Is there a way to pass the identity of the user who is logging out to the Logout URLs of the Application?

        No. However, your application typically has some knowledge (a session id, etc) of the user who is logging out. Would love to hear more about your use case.

        --
        FusionAuth - Auth for devs, built by devs.
        https://fusionauth.io

        K 1 Reply Last reply Reply Quote 0
        • K
          ken.gunadi @dan
          last edited by

          @dan Thank you so much for the response.

          Referring back to the scenario I described with a User that has registration to only one of the FusionAuth Applications, I would've thought FusionAuth single logout to only call the Logout URL of the Application for which the User is registered (when that User logs out).

          Instead, it also calls the Logout URL of the Application for which the User has no registration.

          Maybe I'm misunderstanding the intention of the single logout?

          danD 1 Reply Last reply Reply Quote 0
          • danD
            dan @ken.gunadi
            last edited by

            @ken-gunadi

            I'm not sure I understand the issue. How does the user have a valid session in an application they aren't registered for?

            What am I missing?

            --
            FusionAuth - Auth for devs, built by devs.
            https://fusionauth.io

            1 Reply Last reply Reply Quote 0
            • First post
              Last post