OP-Initiated Logout without User Involvement
Aeneas Rekkas
aeneas at ory.sh
Sat Apr 25 11:14:14 UTC 2020
Hi,
we ( https://github.com/ory/hydra <https://github.com/ory/hydra> ) are receiving use cases for an OP-Initiated that does not involve the user’s browser and cookies. A use case might be that we want to perform Back-Channel Logout when the user changes his/her password.
A simple use case would be that a user is banned by an administrator which in turn should trigger OIDC Back-Channel Logout. Is there any guidance on how this should be designed/implemented? Maybe even with an API Spec?
Best
Aeneas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20200425/15bec52f/attachment.html>
More information about the specs
mailing list