What is Single Logout?
Single Logout (SLO) is a feature in federated authentication where end users can sign out of both their Service Provider session (Atlassian application) and the Identity Provider (Azure AD) with a single action — i.e., logout is initiated at the Identity Provider end and reflected in the Atlassian application as well.
How does the SAML Single Logout URL (SLO) work with the miniOrange SAML SSO plugin?
- Azure Active Directory (Azure AD ) supports the SAML 2.0 web browser Single Sign-out profile. For Single Logout to work correctly, the Logout URL for the application must be explicitly registered with Azure AD during the app registration.
- Azure AD supports only HTTP-GET requests for logout.
- To access SLO, users need the SLO URL which is provided in the SP Information tab of the miniOrange SAML Single Sign-On Plugin.
Steps to Configure Single Logout in Azure AD B2C for Atlassian Applications:
- Copy the Single Logout (SLO) URL from the SP Information tab in the miniOrange SAML SSO Plugin on your Atlassian instance (Jira / Confluence / Bitbucket).
- Navigate to the Azure AD B2C portal, and open the App Registration connected to your Atlassian application.
- Configure the app as per your existing SSO setup guide.
- In the left-hand menu, select the Manifest tab.
- Place the Single Logout URL in the manifest code by replacing the null value as shown below:
You have successfully configured Single Logout (SLO) functionality with Azure AD B2C for your Atlassian application using the miniOrange SAML SSO Plugin.
