AzureAD Sign out bindings

Identity_Q 41 Reputation points
2020-05-08T08:04:19.103+00:00

Does Azure AD supports HTTP-POST ? I can see HTP-Redirect is used in metadata but need to confirm if HTTP-POST can be used as well. Some applications may have hard dependency on HTTP-Post and unless it is supported by AzureAD, sign out on those apps wont work.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,119 questions
0 comments No comments
{count} votes

Accepted answer
  1. soumi-MSFT 11,786 Reputation points Microsoft Employee
    2020-05-11T12:02:25.63+00:00

    @IdentityQ-6734, Azure AD implements the SAML 2.0 web browser single sign-out profile. As part of the single sign-out flow the browser will be redirected (HTTP Redirect) to this url, so it is not possible to configure this call to be only a POST. This article provides a detailed description of the single sign-out flow in Azure AD, and for more info about the SAML 2.0 web browser single sign-out profile you can refer to the specification here.


1 additional answer

Sort by: Most helpful
  1. soumi-MSFT 11,786 Reputation points Microsoft Employee
    2020-05-08T09:07:05.467+00:00

    @IdentityQ-6734, Ideally the following http bindings are available by default in Azure AD metadata

     <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.microsoftonline.com/c2d4955e-81d6-xxx-8388-68xxxxxxe8dc243/saml2"/>
     <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.microsoftonline.com/c2d4955e-81d6-xxx-8388-68xxxxxxe8dc243/saml2"/>
     <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.microsoftonline.com/c2d4955e-81d6-xxx-8388-68xxxxxxe8dc243/saml2"/>
    

    I am not seeing HTTP-POST for SingleLogoutService. I would request you to allow me sometime to check on this and will get back to you in sometime.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.