Single Sign-out Endpoints for external providers Facebook, Google and Microsoft Account

Last days i worked on implementing single sign-out between our STS and all the external providers that we integrated with.

So when a user logout from our STS we should log it out also from the external provider if this user login using an external provider which make sense and OpenId specification describe this in details using hidden IFrames.

The implementation is too easy but the hardest part is to get the external providers logout Endpoints URIs which should be easy to obtain and well mentioned in each provider documentation.

Google:

https://www.google.com/accounts/Logout?continue=https://appengine.google.com/_ah/logout?continue=[http://www.urltoredirectto.com]
  • continue: The redirect URL that the browser is sent to after logout.

Microsoft Account:

https://login.live.com/oauth20_logout.srf?client_id=[CLIENT_ID]&redirect_uri=[REDIRECT_URL]
  • client_id: The client ID value created for your application.
  • redirect_uri: The redirect URL that the browser is sent to when authentication is complete. This must match exactly the redirect_uri value used in the get token request.

Facebook:

https://www.facebook.com/logout.php?next=[YourAppURL]&access_token=[ValidAccessToken]
Show your support

Clapping shows how much you appreciated Ahmed Marzouk’s story.