Hi all, According to the OIDC Session management <https://openid.net/specs/openid-connect-session-1_0.html#RPLogout> spec,
"At the logout endpoint, the OP SHOULD ask the End-User whether he wants to log out of the OP as well. If the End-User says "yes", then the OP MUST log out the End-User. It doesn't say how to handle when the user denies the logout consent. How to handle if the user denies the logout consent? What is the possible approach? Appreciate your suggestions on this. Thank you for your time, Piraveena -- *Piraveena Paralogarajah* Undergraduate, Department of Computer Science and Engineering, University of Moratuwa. *E-mail*: [email protected] *Blog:* https://medium.com/@piraveenaparalogarajah *LinkedIn*: https://www.linkedin.com/in/piraveena-paralogarajah <https://www.linkedin.com/in/piraveena-paralogarajah>
_______________________________________________ specs mailing list [email protected] http://lists.openid.net/mailman/listinfo/openid-specs
