stackoom
  简体   繁体   中英

SAML: Idp initiated sign out on Azure AD user deletion?

 原文  2020-05-07 13:29:40       azure-active-directory/ saml-2.0/ idp/ single-logout

Question

Not sure how to go about the following scenario:

User logs in with SAML using in an Azure enterprise configured application.

User authenticated succesfully. If user now logs out from Azure -> I can catch this event using the logout url.

However if the user is deleted / removed from the organisation the user is still logged in in my application.

I've implemented similar logic with Oauth and refresh tokens, didn't find an equivalent using SAML.

1 answers

solution1
 0  2020-05-07 17:40:34

As of now there is no support in SAML for the user provisioning events performed by the Idp.

In Azure enterprise configured application there is feature for Automate user provisioning and deprovisioning to applications which ensure that the identities in your app and systems are kept up to date based on changes in the directory or your human resources system.

For more information you can refer this link

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question SAML - IDP Initiated Example (Azure AD SAML Toolkit)? SAML Single Log Out with Azure AD as IDP in SAP HANA Why does Azure AD (or other OIDC Idp) require to enter user credentials for sign-in after sign-out? How to use Azure AD as SAML IdP? SAML IDP For Azure AD Lonin then redirect problem Azure AD - SAML with 3rd party as IDP Cognito with SAML IdP (Azure AD), refresh_token still works after user is removed from AD Best method to Automate Identity Provider (IdP) initiated SSO in Azure AD Can a non-gallery SAML application in Azure Active Directory support both IDP and SP Initiated flows? Okta as IDP Azure AD
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM