I'm wanting to incorporate an OIDC sign in flow to my single page webapp through an Okta app.
However, I want the session of the user that signed in through Okta in my system to be tied to their Okta session (i.e. if they log out of Okta, or they lose access to my app in Okta, they will be logged out of my webapp).
It seems that backchannel logout is the way to achieve this with OIDC. Does Okta support backchannel logout?
As a side note, it appears that some Okta apps have figured out a way to do this already. For example, if I lose access to the Slack app in Okta, my Slack account is immediately frozen...so there is some kind of communication from Okta ---> Slack in that case. Maybe they are using SAML for that?
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…