Follow the steps below to configure Single Logout (SLO) between your Drupal site and Keycloak:
1. Update the Logout URL in the Drupal miniOrange OAuth Client module Configuration
- Navigate to the Sign-In Settings tab in the module.
- Scroll down to the Provider Specific Settings section.
- Edit the configuration for your Identity Provider (Keycloak).
- Locate the Redirect URL after logout field and add given URL. (http://{keycloak-server}/realms/{realm-name}/protocol/openid-connect/logout)
- Check the box “Include ID Token in End Session Endpoint”.
- Click Save Configuration.
2. Update Logout Settings in Keycloak
- Log in to your Keycloak Admin Console.
- Navigate to your client configuration (the client representing your Drupal site).
- Scroll down to the field Valid Post Logout Redirect URIs.
- Add your Drupal site Base URL
- Save the configuration.
3. Test the SLO Flow
- Log in via Keycloak SSO.
- Log out from Drupal and confirm that the session is terminated both in Drupal and Keycloak.
- Verify that you are redirected correctly after logout.
You have now successfully set up Single Logout (SLO) between Drupal and Keycloak.
If you encounter any issues, please feel free to reach out to us at drupalsupport@xecurify.com.
