Hi @Manuel T
Thank you for posting this in Microsoft Q&A.
I understand you have multiple app registrations, each corresponding to a different website, and they all use the same user flow configured in Entra External ID. Single Sign-On (SSO) is working correctly, but Single Logout (SLO) is not functioning as expected. When a user logs out from one website, they remain logged in on the other websites.
If a single user session is active, Microsoft Entra ID will automatically select that session and the SAML logout will proceed. If multiple user sessions are active, Microsoft Entra ID will enumerate the active sessions for user selection. After user selection, the SAML logout will proceed.
To further troubleshoot the issue, you can try the following:
1. Verify that the logout endpoint is being called correctly when a user initiates logout.
2. Verify that the CIAM cookies are being deleted correctly when a user logs out.
You can implement front-channel logout, which involves redirecting the user to the logout endpoint when they initiate logout. This will ensure that the user is logged out from all applications.
You can find more information in this document: https://learn.microsoft.com/en-us/entra/identity-platform/v2-protocols-oidc#what-is-a-front-channel-logout-url
Hope this helps. Do let us know if you have any further queries.
Thanks,
Navya.
If this answers your query, do click Accept Answer and Yes for "Was this answer helpful". And, if you have any further query, do let us know.
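
The front-channel logout URL referenced in the answer above is an endpoint each website exposes so its local session can be cleared when the identity provider calls it. The following is an added example, not part of the original answer and not Microsoft's code: it assumes the provider appends the `iss` and `sid` query parameters defined by OpenID Connect Front-Channel Logout 1.0, and the store, cookie name, issuer and URLs are constructed placeholders.

```javascript
// Constructed in-memory session store for one website (relying party).
// Each local session records the IdP session id (`sid` claim of the ID token)
// and the issuer it came from. All values are sample data.
const ISSUER = "https://idp.example/tenant/v2.0"; // hypothetical issuer
const sessions = new Map([
  ["app-sess-1", { sid: "idp-sid-AAA", iss: ISSUER, user: "alice" }],
  ["app-sess-2", { sid: "idp-sid-AAA", iss: ISSUER, user: "alice" }],
  ["app-sess-3", { sid: "idp-sid-BBB", iss: ISSUER, user: "bob" }],
]);

// Logic for GET <front-channel logout URL>?iss=...&sid=...
// The IdP loads this URL in a hidden iframe, so the site's own session cookie
// is often not sent (SameSite=Lax/Strict). Sessions are therefore matched
// server-side on `sid` instead of relying on the cookie being present.
function handleFrontChannelLogout(requestUrl, store, expectedIssuer,
                                  cookieName = "app_session") {
  const params = new URL(requestUrl, "https://app.example").searchParams;
  const sid = params.get("sid");
  const iss = params.get("iss");
  // The response must never be cached, or a later logout may not reach the app.
  const headers = { "Cache-Control": "no-store", "Content-Type": "text/plain" };

  // Ignore calls without a session id or from an unexpected issuer, so an
  // arbitrary page embedding this URL cannot sign users out.
  if (!sid || iss !== expectedIssuer) {
    return { status: 400, headers, cleared: [] };
  }

  // Remove every local session tied to the IdP session being ended.
  const cleared = [];
  for (const [id, s] of store) {
    if (s.sid === sid && s.iss === iss) {
      store.delete(id);
      cleared.push(id);
    }
  }

  // Also expire the browser cookie in case it was sent with the request.
  headers["Set-Cookie"] =
    `${cookieName}=; Max-Age=0; Path=/; Secure; HttpOnly; SameSite=None`;
  return { status: 200, headers, cleared };
}
```

When checking the two troubleshooting steps, the browser's network trace should show this URL being requested on each site after sign-out, with a 200 response and the session no longer valid afterwards.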