IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.


#TechXchangePresenter
 View Only
Back to discussions
Expand all | Collapse all

webMethods API Gateway Q&A - The logout session is not getting invalidated from Developer Portal via SSO

  • 1.  webMethods API Gateway Q&A - The logout session is not getting invalidated from Developer Portal via SSO

    Posted Tue December 05, 2023 04:04 AM

    Product/components used and version/fix level:

    Versions 10.11
    Platforms UNIX
    Operating Systems Red Hat Enterprise Linux

    Detailed explanation of the problem:

    In the Developer Portal, the logout via Single Sign-On is not working. Once the logout has been initiated from the Developer Portal, the IDP sends the right response, and the user gets logged out. It is not reflected in the UI because the session is not getting invalidated - hence, the session is still active.

    How do we resolve this?


    #Tuesday-troubleshooting
    #API-Management
    #API-Gateway
    #webMethods


  • 2.  RE: webMethods API Gateway Q&A - The logout session is not getting invalidated from Developer Portal via SSO

    Posted Tue December 05, 2023 04:04 AM

    In SAML SSO setup, as per spec, when logout is initialized from SP (i.e. Developer Portal), it would send a Logout Request Assertion to IDP.

    Once it successfully logged out in IDP, the IDP has to send the response to SP (to - <API PORTAL URL>/portal/rest/v1/saml/initslo) - then only the Developer Portal would clear its’ session.

    The SingleLogoutService location in the SP-Metadata file was set as the portal login URL (/portal/rest/v1/saml/initsso/) which is wrong. After changing the value to /portal/rest/v1/saml/initslo/ the logout would work successfully.


    #API-Gateway
    #API-Management
    #Tuesday-troubleshooting
    #webMethods


Related Content