SAML auth not clearing omnisci session

I have an omnisci server set up with Auth0 as the SAML IdP. Everything works execpt on log out, the session cookies in the instance don’t get cleared. I can confim that the logout URL endpoint is working. Does omnisci server support SLO thru SAML?

Hi,

Can you add details to better understand your problem?

As stated in the docs logging out immerse isn’t clearing the SSO session

Is this the issue or you are experiencing something else?

Candido

The opposite, I am logging out of Auth0 but, it is not logging out of immerse.

Are you using the logout button of immerse or something else?

AFAIK logging out from you Idp isn’t going to logout from Immerse (and vice versa).

Anyway if you can confirm yoi are logging out ny your idp, i’ll ask internally if there is a way to remove the immmerse cookie.

Regards,
Candido

I’m using the log button/functionality of my idp, Auth0. So yeah if there is a way to remove the Immerse cookies that would be great.

Hi @Jean_Luciano ,

It looks like there isn’t an easy way to do that.

After calling the logout on your IdP, your application should also do a call in Immerse like the one we are doing to log out, so an HTTP/HTPPS with the DELETE method and /session/destroy/all endpoint.

Anyway, I asked internally to ensure that there isn’t anything handier to use.

Regars,
Candido

Hello @candido.dessanti,

Would this destroy all cookies in the server?

It should destroy the cookies and the session in the database

One more thing, do you have an example of the API call? I tried, but I get a method not allowed.

Hi,

I run with a plug-in browser using the DELETE method and it woks

http://localhost:6273/session/destroy/all

Thanky for the link http://localhost:6273/session/destroy/all
Yes, it workes for me, too.