When a user logs out, you can control how the logout flow behaves depending on whether your OAuth provider supports logout requests. Below are two logout options supported by the plugin:
To prevent users from being assigned to any default groups:
1. Logout Endpoint URL
Purpose:
Logs the user out from both the application (e.g., Jira) and the OAuth provider.
Use this option only if your OAuth provider supports logout requests.
How it works:
- When the user clicks Logout, a logout request is sent to the OAuth providerʼs logout endpoint.
- This ensures the user is logged out from the provider session as well (e.g., AWS Cognito, Keycloak, etc.).
Configuration Steps:
- Go to the Configured Provider in the plugin settings.
- Click on Advanced Settings for the selected provider.
- Enter the logout endpoint URL provided by your OAuth provider. Example AWS Cognito): https://{domainName}/logout?client_id={ClientID}&logout_uri={SignOutRedirectURL}
Note: If this is configured, it overrides any Custom Logout URL/Template.
2. Custom Logout URL/Template
Use this if your OAuth provider does not support logout requests or you want to simply redirect the user to a specific page after logout.
Custom Logout URL:
- Redirects the user to a specific URL after logout (e.g., a thank you page or login screen)
- Works universally with all OAuth providers.
Configuration Steps:
- Go to SSO Settings → Post Logout Configuration tab.
- Enter your Custom Logout URL.
- Save the settings.
Custom Logout Template:
- Displays a custom HTML template after logout.
- Useful if you want to show a message or offer a link to log in again.
Configuration Steps:
- Go to SSO Settings → Post Logout Configuration tab.
- Enable Custom Logout Template.
- Define your template or message (e.g., include a "Log In Again" link).
- Save the settings.
