Possible approach to handle OIDC logout consent denial by the end-user

[Darshana Gunawardana]

Hi Piraveena,

If RP not sending the *post_logout_redirect_uri* or its not matched with
the OP registered *post_logout_redirect_uris, *(regardless of user denied
the consent or approved) user would be redirected to some page in OP.

If the post_logout_redirect_uri is available and valid, IMO the better
behaviour would be redirecting to the *post_logout_redirect_uri*. Here,
user will be only logged out from the RP, but not the OP.

PS: Saw the Thomas's reply halfway through, but continued sending this one.
:)

Thanks,

On Mon, Mar 30, 2020 at 8:28 PM Piraveena Paralogarajah <
piraveena.14 at cse.mrt.ac.lk> wrote:

> Hi all,
>
> According to the OIDC Session management
> <https://openid.net/specs/openid-connect-session-1_0.html#RPLogout> spec,
>
> "At the logout endpoint, the OP SHOULD ask the End-User whether he wants
> to log out of the OP as well. If the End-User says "yes", then the OP MUST
> log out the End-User.
>
> It doesn't say how to handle when the user denies the logout consent.
>
> How to handle if the user denies the logout consent? What is the possible
> approach?
> Appreciate your suggestions on this.
>
> Thank you for your time,
> Piraveena
>
> --
> *Piraveena Paralogarajah*
> Undergraduate,
> Department of Computer Science and Engineering,
> University of Moratuwa.
>
>
> *E-mail*: piraveena.14 at cse.mrt.ac.lk
> *Blog:* https://medium.com/@piraveenaparalogarajah
> *LinkedIn*: https://www.linkedin.com/in/piraveena-paralogarajah
> <https://www.linkedin.com/in/piraveena-paralogarajah>
>
> _______________________________________________
> specs mailing list
> specs at lists.openid.net
> http://lists.openid.net/mailman/listinfo/openid-specs
>


-- 
Regards,
*Darshana Gunawardana*
https://www.linkedin.com/in/darshana-gunawardana-a23b6037/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20200330/0c15ceef/attachment.html>