[Openid-specs-ab] Issue #927: Session 5 - Add "state" parameter to RP-initiated logout messages (openid/connect)
Michael Jones
issues-reply at bitbucket.org
Mon Jul 14 20:07:51 UTC 2014
New issue 927: Session 5 - Add "state" parameter to RP-initiated logout messages
https://bitbucket.org/openid/connect/issue/927/session-5-add-state-parameter-to-rp
Michael Jones:
There is currently no way to maintain state between the time that an RP initiates a logout and the RP site is redirected to after the logout. Like the OAuth “state” parameter, this would be passed to the end_session_endpoint as an optional query parameter, and if present, would be passed back with the same value to the post_logout_redirect_uri endpoint.
RP-initiated logout is defined at http://openid.net/specs/openid-connect-session-1_0.html#RPLogout.
More information about the Openid-specs-ab
mailing list