Hello everyone , I’m having an issue with Single Sign-Out in an SSO setup and would appreciate any guidance. We have an application that authenticates users via SSO using OIDC with Azure AD, and Keycloak is used as the identity broker. From our application, users can also open Microsoft 365 through this same SSO session. The issue happens during logout. When a user signs out from our application, Single Sign-Out works correctly in Chrome and Microsoft Edge — the user is logged out of all related sessions. However, in other browsers (such as Firefox or Safari), the user remains signed in to Microsoft 365 or Azure AD, meaning the SSO session is not fully terminated. I suspect this may be related to third-party cookie restrictions in those browsers.
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| No able to Single Sign Out from different protocol clients within same realm | 0 | 1076 | April 6, 2021 | |
| Logout from Keycloak does not logout Active Directory User | 0 | 641 | May 16, 2023 | |
| Keycloak SAML 2.0 IDP configured for Azure AD SLO does not redirect when logged in for a number of hours | 0 | 2696 | June 29, 2020 | |
| SSO back channel logout issue | 0 | 665 | April 20, 2022 | |
| Azure AD SAML with OIDC Client Protocol for Grafana SLO(Single Logout) having problems | 0 | 674 | May 21, 2021 |