Ping Federate Exit IdP Flow as Ping Federate Documentation
Sequence
The user initiates one exit request. The request is for PingFederate servers /idp/startSLO.ping endpoint.
PingFederate sends an exit request and receives responses from all SPs registered for the current SSO session.
PingFederate redirects the request to IdP Logout Service web applications, which locally identifies and deletes the user's session.
The logout service redirects back to PingFederate until the page displays a successful logout.
But I have a little problem regarding Logout Service that needs to be installed in the configuration of the IdP adapter.
The problem is that I have a dynamic logout URL, due to which I cannot use it in the Logout Service .
I am currently trying to initialize an initiated IdP SLO. Why am I going through TargetResource to redirect the user to IdP after the success of SLO.
https://idp.pf.com:9031/idp/startSLO.ping?PartnerSpId=testSpId&TargetResource=http%3A%2F%2Fdynamicsubhost.baseurl.com%3A8080%2Fweb%2Fmy-bank%2Flogout
Question:
So, how can I configure the PingFederate parameter to skip Step 3 , so instead of redirecting to IdP Logout service it redirects to TargetResource .
What I tried:
I know this sounds messy, but in fact I left the IdP exit service empty. But obviously, it did not work.
PS It's embarrassing when I used the same PF server to configure both IdP and SP servers, it worked fine. But when I switch to a separate instance of the PF server to host the PingFederate Server shows the result.
single-sign-on federated-identity pingfederate
Runcorn
source share