Single log out
- This feature will automatically log out the user from the OAuth provider or IdP when the user logs out of the Drupal site.
- To configure this feature, go to the Client Configuration section and navigate to the Manage tab to locate your desired application.
- In the corresponding application row, click the dropdown arrow next to Attribute Mapping under the Mappings column, and select Client Settings.
- Within the Client Settings section, scroll down to the Log Out Settings.
- In the Log out section, check the Enable single log out checkbox to activate this feature.
- Enter the OAuth provider or IdP URL in the IDP End Session Endpoint text field to log out the user from the Identity Provider when they log out from the Drupal site.
- In the Redirect URI Param Name field, enter the name of the parameter that carries the post-logout redirect URL. You can change the parameter name based on your Identity Provider.
- Now, you can see the Include ID token in End session Endpoint check box.
- If you want to use this feature, navigate to the Module Settings tab by clicking the module settings link.
- Scroll down to the Token Storage section, then enable the Store Token in User Session option and check the ID Token check box.
- Then, scroll down and click the Save configuration button.
- After that, check the Include ID Token in End Session Endpoint check box and enter the ID Token Parameter Name into the text field based on your IdP or OAuth provider.
- Then, scroll down and click the Save button.
Revoke Token
- By enabling this feature, the Refresh Token provided by the IdP can be revoked on logout if it is stored in the user session.
- To configure this feature, go to the Client Configuration section and navigate to the Manage tab to locate your desired application.
- In the corresponding application row, click the dropdown arrow next to Attribute Mapping under the Mappings column, and select Client Settings.
- Within the Client Settings section, scroll down to the Log Out Settings.
- In the Log out Settings section, you will find the Revoke Token option.
- Before proceeding further, ensure that the refresh token is stored in the user session.
- For that, navigate to the Module Settings tab by clicking the module settings link.
- Scroll down to the Token Storage section, then enable the Store Token in User Session option and check the Refresh Token check box.
- Then, scroll down and click the Save Configuration button.
- Now, go back to the Revoke Token section, check the Revoke user tokens after logout checkbox and proceed to configure this feature.
- Enter the complete URL of the IdP's token revocation endpoint in the IDP Token Revoke Endpoint text field.
- Now, enter the name of the parameter that carries the token in the Name the parameter carrying the token text field. For example, token.
- You can pass additional parameters on token revocation. Enter the name of the parameter in the Param Name text field and its value in the Param Value field.
- If you want to pass multiple parameters, enter the number of rows that you want to add and then click the Add button.
- Then, scroll down and click the Save button.
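To check the parameter names above against your IdP's documentation, the following added example (not the module's own code) builds the two requests that the Single log out and Revoke Token settings describe. It assumes the IdP follows OpenID Connect RP-Initiated Logout (`post_logout_redirect_uri`, `id_token_hint`) and RFC 7009 token revocation (a form-encoded POST with `token` and `token_type_hint`); the endpoint URLs, token values and function names are constructed for illustration.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Constructed sample values; substitute what your IdP documents.
LOGOUT_SETTINGS = {
    "end_session_endpoint": "https://idp.example.com/oauth2/logout",
    "redirect_param": "post_logout_redirect_uri",  # Redirect URI Param Name
    "id_token_param": "id_token_hint",             # ID Token Parameter Name
}
REVOKE_SETTINGS = {
    "revoke_endpoint": "https://idp.example.com/oauth2/revoke",
    "token_param": "token",  # Name the parameter carrying the token
    "extra_params": {"token_type_hint": "refresh_token"},  # Param Name / Param Value rows
}


def require_https(url):
    """Reject endpoints that would carry tokens over cleartext HTTP."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError(f"endpoint must be an absolute https URL: {url!r}")
    return parts


def build_logout_url(settings, post_logout_url, id_token=None):
    """URL the browser is sent to when the user logs out of the Drupal site."""
    parts = require_https(settings["end_session_endpoint"])
    query = parse_qsl(parts.query, keep_blank_values=True)
    query.append((settings["redirect_param"], post_logout_url))
    if id_token is not None:  # only when Include ID Token is enabled
        query.append((settings["id_token_param"], id_token))
    return urlunsplit(parts._replace(query=urlencode(query)))


def build_revoke_request(settings, refresh_token):
    """(method, url, headers, body) for the revocation call (assumed RFC 7009 POST)."""
    require_https(settings["revoke_endpoint"])
    fields = {settings["token_param"]: refresh_token, **settings["extra_params"]}
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    return "POST", settings["revoke_endpoint"], headers, urlencode(fields)


if __name__ == "__main__":
    print(build_logout_url(LOGOUT_SETTINGS, "https://drupal.example.com/", "eyJ.constructed.token"))
    print(build_revoke_request(REVOKE_SETTINGS, "rt-constructed"))
```

If the IdP rejects the logout or leaves the session active, compare the generated parameter names with the ones its end-session and revocation endpoints document before changing anything else.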