Skip to Main Content
Status Future consideration
Categories Ideas User management
Created by Guest
Created on Aug 27, 2018

Add in API endpoint for SSO logout

I'm currently using Aha as the ideas portal for all of our users and am automatically signing them in with SSO/JWT when they access the idea portal page. This works great! However, I noted that, per the JWT help article here, that signout requires an actual browser load operation and is not currently accessible from the API. This doesn't work for me, as it's possible a user is "signing out" of Aha through another service.

For example, a user signs into our website. That user then navigates to our ideas portal, where they are automatically signed on through JWT. Now, imagine they go to another one of our services and then back to our homepage, and then choose to sign out. I should be able to, at that moment, send a simple GET request to an Aha endpoint to log the user out of the ideas portal as well. Right now though, that signout action would have to redirect to the Aha URL, even if the user isn't even looking at Aha.

I think a great reference implementation for this is how Discourse does SSO. They provide a login/logout endpoint and allow you to remotely logout users without requiring them to be on the actual site.

  • Attach files
  • Jon Kremer
    Reply
    |
    Jan 29, 2020

    This is something we have run into as well that is really needed for how we implement our ideas portal inside our application

5 MERGED

Single sign-out for ideas portal.

Merged
When users make a logout (i mean our site) they should be automatically logout from ideas portal. Now it works after close / open browser
Guest over 7 years ago in Ideas portal 0 Future consideration