This topic has 0 replies, 1 voice, and was last updated 1 month, 1 week ago by [email protected].

  • Author
    Posts
  • #27666

    Hello,

    2 questions.
    1. according to https://backstage.forgerock.com/knowledge/kb/article/a21753800#signother, Logout Request can be signed. Could you please confirm these refer to the logout requests sent by the IdP (OpenAM) to SP’s during SLO?
    2. does OpenAM verify the logout request signature sent by SP if its metadata don’t include its public key? In other words, if OpenAM has no mean to verify the signature (SP public key unavailable), does it skip this step?

    Thanks,

    Olivier

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?