Class LogoutEndpoint

    • Method Detail

      • issueUserInfoPreflight

        public issueUserInfoPreflight()
      • logout

        public logout​(@QueryParam("redirect_uri")
                                                String deprecatedRedirectUri,
                                                String encodedIdToken,
                                                String clientId,
                                                String postLogoutRedirectUri,
                                                String state,
                                                String uiLocales,
                                                String initiatingIdp)
        Logout user session. User must be logged in via a session cookie. When the logout is initiated by a remote idp, the parameter "initiating_idp" can be supplied. This param will prevent upstream logout (since the logout procedure has already been started in the remote idp). This endpoint is aligned with OpenID Connect RP-Initiated Logout specification All parameters are optional. Some combinations of parameters are invalid as described in the specification
        deprecatedRedirectUri - Parameter "redirect_uri" is not supported by the specification. It is here just for the backwards compatibility
        encodedIdToken - Parameter "id_token_hint" as described in the specification.
        clientId - Parameter "client_id" as described in the specification.
        postLogoutRedirectUri - Parameter "post_logout_redirect_uri" as described in the specification with the URL to redirect after logout.
        state - Parameter "state" as described in the specification. Will be used to send "state" when redirecting back to the application after the logout
        uiLocales - Parameter "ui_locales" as described in the specification. Can be used by the client to display pages in specified locale (if any pages are going to be displayed to the user during logout)
        initiatingIdp - The alias of the idp initiating the logout.
      • logout

        public logout()
        This endpoint can be used either as: - OpenID Connect RP-Initiated Logout POST endpoint according to the specification - Legacy Logout endpoint with refresh_token as an argument and client authentication needed. See logoutToken() for more details
      • logoutConfirmAction

        public logoutConfirmAction()
      • logoutConfirmGet

        public logoutConfirmGet()
      • backchannelLogout

        public backchannelLogout()
        Backchannel logout endpoint implementation for Keycloak, which tries to logout the user from all sessions via POST with a valid LogoutToken. Logout a session via a non-browser invocation. Will be implemented as a backchannel logout based on the specification