Single Logout for SSO Applications

Single logout for internal service providers is enabled automatically. Logout for external service providers requires editing the service provider configuration.

If your agents use single sign-on (SSO) to log in to other applications using Oracle Service Cloud as the identity provider, they can be automatically logged out of all the service providers they're logged into when they log out of any one of them. The applications can be external or internal to the Oracle cloud. This enhances the security for all the applications, because users would be forced to reenter their credentials after they log out of any one of them.

• Internal service providers—Single logout for internal service providers is enabled automatically and requires no configuration other than that described in Create an SSO Service Provider. Logout requests by service providers internal to the Oracle cloud do not require certificates because they're assumed to be secure.
• External service providers—Configuring single logout for an external service provider requires editing the service provider configuration in the Single Sign-On Configurations editor to add logout parameters and certificates.
  Caution: You must also configure the NameID Format parameter. If the NameID Format parameter for B2C Service and the external IdP do not match, then your agents might not be logged out automatically from other service providers. See Define an External IdP for Agent Authentication on the Login Window.

  Logout requests by external service providers must be signed using valid certificates to ensure that the logout request can be trusted. External service providers can also use alternate certificates to help transition from expiring certificates.