This document describes the steps that need to be done so that service providers can use the Single SignOn and Single Logout functionality.
The SSO part can be used directly with the adapter by enabling the feature in the Signicat Identity Broker. If SSO is enabled, once a user is logged in to a broker, all Service Providers that will want to login to that Signicat Identity Broker will be logged in automatically without reaching the Identity Provider login page.
If SSO is enabled the response will contain a special parameter called SessionIndex.
If SSO is enabled, Service Providers can use the Single Logout functionality. The SLO functionality makes sure that when the user logs out from one Service Provider he will be logout from all other Service Providers that use the same Connectis Identity Broker.
The SLO flow has two main cases: initiating a SLO flow and receiving a SLO request from the Connectis Identity Broker.
Initiating a SLO request
To initiate a SLO Request you must sent the CIB the SessionIndex parameter that was received during the SSO stage.
The Java Adapter API has support for this feature.