Configure OpenID Connect Settings for Single Logout Where SalesforceIs the OpenID Connect Provider


  1. In Setup, enter apps in the Quick Find box, then select Manage Connected Apps.
  2. Next to the connected app that you want to configure for SLO, clickEdit.
  3. Under OAuth Policies, select Enable SingleLogout.
  4. For Single Logout URL, enter the OpenID Connect SLO endpoint of the connected app’s relying party. This endpoint is where Salesforce sends a logout request when users log out of Salesforce. The relying party provides you with this endpoint. The Single Logout URL must be an absolute URL and start withhttps://.
  5. Use the OpenID Connect DiscoveryEndpoint to provide your relying party with the Salesforce identity provider SLO endpoint. With this endpoint, the relying party can initiate SLO. It’s found in https://.my.salesforce.com/.well-known/openid-configuration, where is your org’s My Domain name. The format for the endpoint ishttps://.my.salesforce.com/services/auth/idp/oidc/logout, also where is your org’s My Domain name.

Was this helpful?