[Code] Possible approach to handle OIDC logout consent denial by the end-user
Piraveena Paralogarajah
piraveena.14 at cse.mrt.ac.lk
Mon Mar 30 14:52:13 UTC 2020
Hi all,
According to the OIDC Session management
<https://openid.net/specs/openid-connect-session-1_0.html#RPLogout> spec,
"At the logout endpoint, the OP SHOULD ask the End-User whether he wants to
log out of the OP as well. If the End-User says "yes", then the OP MUST log
out the End-User.
It doesn't say how to handle when the user denies the logout consent.
How to handle if the user denies the logout consent? What is the possible
approach?
Appreciate your suggestions on this.
Thank you for your time,
Piraveena
--
*Piraveena Paralogarajah*
Undergraduate,
Department of Computer Science and Engineering,
University of Moratuwa.
*E-mail*: piraveena.14 at cse.mrt.ac.lk
*Blog:* https://medium.com/@piraveenaparalogarajah
*LinkedIn*: https://www.linkedin.com/in/piraveena-paralogarajah
<https://www.linkedin.com/in/piraveena-paralogarajah>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-code/attachments/20200330/93f156ec/attachment.html>
More information about the Code
mailing list