My idea is:
Mautic should support a log-out through SLO
I think these groups of people would benefit from this idea:
Any groups utilizing Mautic in an SSO configuration
Why I think they would benefit from this idea:
When logging in from a centralized location, SSO is great. But when the user manually logs out of IdP and service provider simultaneously, this will mitigate the risk of orphaned SSO sessions.
Any code or resources to support this idea:
This is one way:
User hits logout in IdP. IdP sends a digitally signed SAML LogoutRequest to service provider (Mautic). Service provider (Mautic) successfully terminates its own session with the user.
Are you willing to work on this idea?:
Yes
What skills and resources do you need to explore this further?
PHP for Mautic and possibly a Ruby Gem
Please tell me:
If you feel there is already a way to programmatically log-out a user that has been logged in via SSO. We have also tried setting the sessionExpiry: https://github.com/mautic/mautic/issues/9203
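
The IdP-initiated flow described under "This is one way" above, sketched from the service provider's side as an added example; it is not part of the original post and not Mautic's code. It assumes the SAML HTTP-Redirect binding with RSA-SHA256, and the function name `handleLogoutRequest`, the in-memory `$sessions` array, the entity ID and the users are hypothetical or constructed.

```php
<?php
// Added illustration, not Mautic code. Assumes the SAML HTTP-Redirect binding,
// where the signature covers the raw query string rather than the XML.
const SIG_ALG = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256';
// Returns the NameID whose sessions were terminated, or null if the request is rejected.
function handleLogoutRequest(string $rawQuery, string $idpPublicKeyPem, string $idpEntityId, array &$sessions): ?string
{
    // Split the raw query by hand: the signed octets are the URL-encoded values exactly as sent.
    $p = [];
    foreach (explode('&', $rawQuery) as $pair) {
        [$k, $v] = array_pad(explode('=', $pair, 2), 2, '');
        $p[$k] = $v;
    }
    if (!isset($p['SAMLRequest'], $p['SigAlg'], $p['Signature']) || rawurldecode($p['SigAlg']) !== SIG_ALG) {
        return null; // unsigned, or an algorithm other than the pinned one
    }
    $signed = 'SAMLRequest=' . $p['SAMLRequest']
        . (isset($p['RelayState']) ? '&RelayState=' . $p['RelayState'] : '')
        . '&SigAlg=' . $p['SigAlg'];
    $sig = base64_decode(rawurldecode($p['Signature']), true);
    if ($sig === false || openssl_verify($signed, $sig, $idpPublicKeyPem, OPENSSL_ALGO_SHA256) !== 1) {
        return null; // signature does not match the IdP key
    }
    // Decode and parse only after the signature has been verified.
    $xml = @gzinflate(base64_decode(rawurldecode($p['SAMLRequest'])));
    $doc = new DOMDocument();
    if (!$xml || !@$doc->loadXML($xml, LIBXML_NONET)) {
        return null;
    }
    $xp = new DOMXPath($doc);
    $xp->registerNamespace('samlp', 'urn:oasis:names:tc:SAML:2.0:protocol');
    $xp->registerNamespace('saml', 'urn:oasis:names:tc:SAML:2.0:assertion');
    $issuer = $xp->evaluate('string(/samlp:LogoutRequest/saml:Issuer)');
    $nameId = $xp->evaluate('string(/samlp:LogoutRequest/saml:NameID)');
    if ($issuer !== $idpEntityId || $nameId === '') {
        return null; // wrong issuer or no subject to log out
    }
    // Terminate every local session that belongs to this subject.
    $sessions = array_filter($sessions, fn ($s) => $s['nameId'] !== $nameId);
    return $nameId;
}

// Constructed demo: throwaway key pair, hypothetical entity ID and users.
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$pub = openssl_pkey_get_details($key)['key'];
$xml = '<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_demo1" Version="2.0" IssueInstant="2024-01-01T00:00:00Z"><saml:Issuer>https://idp.example.test</saml:Issuer><saml:NameID>alice@example.test</saml:NameID></samlp:LogoutRequest>';
$q = 'SAMLRequest=' . rawurlencode(base64_encode(gzdeflate($xml))) . '&SigAlg=' . rawurlencode(SIG_ALG);
openssl_sign($q, $sig, $key, OPENSSL_ALGO_SHA256);
$sessions = [['id' => 's1', 'nameId' => 'alice@example.test'], ['id' => 's2', 'nameId' => 'bob@example.test']];
var_dump(handleLogoutRequest($q . '&Signature=' . rawurlencode(base64_encode($sig)), $pub, 'https://idp.example.test', $sessions));
var_dump(handleLogoutRequest($q . '&Signature=' . rawurlencode(base64_encode('forged')), $pub, 'https://idp.example.test', $sessions));
```

A complete handler would also check the request's `Destination` and `NotOnOrAfter` attributes, reject replayed request IDs, and answer the IdP with a `LogoutResponse`.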