Federation Manager Guide › Getting Started with a Simple Partnership › Add Single Logout › Configure Single Logout at the IdP

Configure Single Logout at the IdP

Configure single logout at Idp1.

To configure single logout at the IdP

1. From the Federation Manager UI, select Federation, Partnerships.

   The View Federation Partnerships window displays.

2. Select Action, Deactivate next to the entry for TestPartnership.

   You must deactivate a partnership prior to editing it.

3. Click Action, Edit next to the entry for TestPartnership.

   The dialog for the first step of the partnership opens.

4. Click the SSO and SLO step.
5. In the SLO group box, select the HTTP-redirect for the SLO Bindings to enable single logout.
6. Click Add Row in the SLO Service URLs table and complete the following:
   • SLO Location URL

     http://sp1.demo.com:9091/affwebservices/public/saml2slo

     This link indicates that the single logout request will be sent to the remote SP.

   • SLO Confirm URL

     http://idp1.example.com:9090/idpsample/SLOConfirm.html

     This link is the confirmation page at the site that initiated single logout, in this case, IdP1. The user is redirected to this page if single logout completes successfully.

7. Select the row you just configured by clicking the radio button in the Select column.
8. Click the Confirm step in the wizard and review the configuration.
9. Click Finish.

   You return to the View Federation Partnerships window.

10. Reactivate the partnership by selecting Action, Activate next to the TestPartnership entry in the Federation Partnership List.

Single logout is now added to the configuration at IdP1.