Configure OpenID Connect Settings for Single Logout Where SalesforceIs the OpenID Connect Provider
- In Setup, enter apps in the Quick Find box, then select Manage Connected Apps.
- Next to the connected app that you want to configure for SLO, clickEdit.
- Under OAuth Policies, select Enable SingleLogout.
- For Single Logout URL, enter the OpenID Connect SLO endpoint of the connected app’s relying party. This endpoint is where Salesforce sends a logout request when users log out of Salesforce. The relying party provides you with this endpoint. The Single Logout URL must be an absolute URL and start withhttps://.
-
Use the OpenID Connect DiscoveryEndpoint to provide your relying party with the Salesforce identity provider SLO endpoint. With this endpoint, the relying party can initiate SLO. It’s found in https://
.my.salesforce.com/.well-known/openid-configuration, where is your org’s My Domain name. The format for the endpoint ishttps:// .my.salesforce.com/services/auth/idp/oidc/logout, also where is your org’s My Domain name.