Cannot log out of Identity Server after logging out of Office 365 SAML SP

  • 7011699
  • 25-Jan-2013
  • 18-Feb-2013

Environment

NetIQ Access Manager 3.2
NetIQ Access Manager 3.2 Support Pack 1 applied
NetIQ Access Manager 3.2 Identity Server set up as a SAML2 IdP

Situation

Access Manager is set up as a SAML2 Identity Provider (IDP) server providing single sign-on to an Office 365 SAML2 Service Provider (SP), and this works: users authenticate to the local IDP server and access their Office 365 accounts without any additional authentication. However, when a user then clicks the logout link in Office 365, they are not automatically logged out of the IDP server as well; instead they are simply shown the IDP portal page, which indicates that the user is still authenticated.

Resolution

Issue reported to engineering. A workaround for now is to change the logout settings of the Office 365 federated SP (using PowerShell) so that the documented logout URL (/nidp/saml2/slo) is replaced by /nidp/app/logout.
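The following PowerShell is an added illustration of that workaround and is not part of the original TID. It uses the MSOnline module's Get-MsolDomainFederationSettings and Set-MsolDomainFederationSettings cmdlets to read the federated domain's current LogOffUri, swap the /nidp/saml2/slo path for /nidp/app/logout while keeping the Identity Server host, and verify the change; the domain name is a placeholder.

```powershell
# Added example: rewrite the Office 365 federated-domain logout URL so that
# logging out of Office 365 also ends the NetIQ Access Manager IdP session.
# Requires the MSOnline module and a tenant admin session (Connect-MsolService).
# "example.com" is a placeholder for the federated domain.
param(
    [string]$DomainName = "example.com"
)

Import-Module MSOnline
Connect-MsolService   # prompts for tenant administrator credentials

# Read the current federation settings so the existing IdP host is reused.
$settings = Get-MsolDomainFederationSettings -DomainName $DomainName
$current  = $settings.LogOffUri
Write-Host "Current LogOffUri: $current"

# The TID's workaround applies when the logout URL points at the SAML2 SLO
# endpoint; anything else should be reviewed before it is overwritten.
if ($current -notmatch '/nidp/saml2/slo') {
    Write-Warning "LogOffUri does not point at /nidp/saml2/slo; review before changing."
}

# Replace only the path, keeping scheme, host and port of the IdP URL.
$uri    = [System.Uri]$current
$newUri = "{0}://{1}/nidp/app/logout" -f $uri.Scheme, $uri.Authority

if ($newUri -ne $current) {
    Set-MsolDomainFederationSettings -DomainName $DomainName -LogOffUri $newUri
}

# Verify that the tenant now holds the new value.
$after = (Get-MsolDomainFederationSettings -DomainName $DomainName).LogOffUri
if ($after -eq $newUri) {
    Write-Host "LogOffUri updated to $after"
} else {
    Write-Error "LogOffUri is '$after', expected '$newUri'"
}
```

After the change, test from a browser by logging in to Office 365 through the IdP, clicking the Office 365 logout link, and confirming the IdP portal no longer shows the user as authenticated.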