Is your feature request related to a problem? Please describe.
Currently a user (who has authenticated via OIDC) chooses to log out, it logs them out of their SFTPGo session.
If does not log them out of their OIDC session though, so if they click on "log in via OIDC" it automatically authenticates them again.
It would be good if there was an option when logging out from the SFTPGo session if the user could also log out from their OIDC session.
This use case is supported via OIDC via a "front channel logout URL" - see https://learn.microsoft.com/en-us/entra/identity-platform/v2-protocols-oidc#single-sign-out.
Describe the solution you'd like
When a user who is authenticated via OIDC logs out of the SFTPGo web application, it also invalidates their OIDC session.
See https://openid.net/specs/openid-connect-rpinitiated-1_0.html
It might be worth offering two logout options if logged in via OIDC:
- Log out of SFTPGO
- Log out of SFTPGO and completely log out of your OIDC SSO Provider
Describe alternatives you've considered
None - raising this for consideration.
What are you using SFTPGo for?
Medium business
Additional context
Provide greater compliance with the OIDC specification.
Is your feature request related to a problem? Please describe.
Currently a user (who has authenticated via OIDC) chooses to log out, it logs them out of their SFTPGo session.
If does not log them out of their OIDC session though, so if they click on "log in via OIDC" it automatically authenticates them again.
It would be good if there was an option when logging out from the SFTPGo session if the user could also log out from their OIDC session.
This use case is supported via OIDC via a "front channel logout URL" - see https://learn.microsoft.com/en-us/entra/identity-platform/v2-protocols-oidc#single-sign-out.
Describe the solution you'd like
When a user who is authenticated via OIDC logs out of the SFTPGo web application, it also invalidates their OIDC session.
See https://openid.net/specs/openid-connect-rpinitiated-1_0.html
It might be worth offering two logout options if logged in via OIDC:
Describe alternatives you've considered
None - raising this for consideration.
What are you using SFTPGo for?
Medium business
Additional context
Provide greater compliance with the OIDC specification.