Missing end_session endpoint #90
Comments
|
Hi @verymilan I am not familiar with Keycloak, but seems like Keycloak & WordPress with this plugin together acts as the OAuth server for the main application. Would that be correct for me to say? If so, you are stating, when the user logs out from your main application, it can communicate back to WordPress to log the user out on WordPress side as well? And that's what's missing for your use case? |
|
Hi, yea Keycloak right now is a kinda in between step for us. While Keycloak is a SSO server, it as well can offer identity provider logins such as Google and various others to users. In turn, if they logout in this szenario, they will be logged out from the application and in Keycloak, but since the oidc server on Wordpress misses the required endpoint, they will stay logged in there. This would also mean that if the app was directly added to Wordpress, a user would not be logged out from Wordpress if they logged out from the app, so that's not really a Keycloak specific problem ... unless there is something i've missed. :) |
Hi there, I have used this plugin to connect a Keycloak to Wordpress. It would be important to ensure that if a user logs out, they are logged out from the connected client, Keycloak and the Wordpress in this szenario. Sadly this does not work for the Wordpress part and i came to realize that the plugin does not actually provide such an endpoint in the first place, so this option couldn't be activated for the IDP.
Would be a great addition to this otherwise wonderfully working plugin. :)
The text was updated successfully, but these errors were encountered: