The Instant Messenger session is only valid for as long as the Access Manager session is valid. If the user logs out of Access Manager the Instant Messenger session is automatically closed (single sign-off) as soon as the user sends another request to the server.
SSO applications working together must be in the same DNS domain.
SSO applications must have access to the Access Manager verification URL (naming service).
Browsers must have cookies enabled.