Greetings.
I'm not a SAML expert at all but I had to work with a service provider that uses it (for testing purposes). At some point, the system complained that the IdP XML metadata didn't contain a logout URL. Using Copilot to help me out, I basically copied these lines:
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mocksaml.com/api/saml/sso"/>
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mocksaml.com/api/saml/sso"/>
... and pasted them below, after changing the element name from SingleSignOnService to SingleLogoutService:
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mocksaml.com/api/saml/sso"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mocksaml.com/api/saml/sso"/>
I don't know if that's correct/mandatory/useful? This seems to work with the service provider I'm using though. Is https://mocksaml.com/api/saml/sso receptive to logout SAML messages?
Greetings.
I'm not a SAML expert at all but I had to work with a service provider that uses it (for testing purposes). At some point, the system complained that the IdP XML metadata didn't contain a logout URL. Using Copilot to help me out, I basically copied these lines:
... and pasted them below, after changing the element name from
SingleSignOnServicetoSingleLogoutService:I don't know if that's correct/mandatory/useful? This seems to work with the service provider I'm using though. Is
https://mocksaml.com/api/saml/ssoreceptive to logout SAML messages?