Is your problem solved? I'm having the same problem
The configuration is as follows:
ADFS Relying Party Trust:
sp1:
SAML Assertion Consumer Endpoints: https://sp1/saml_login (POST Binding)
SAML Logout Endpoints: https://sp1/saml_logout (POST Binding)
sp2:
SAML Assertion Consumer Endpoints: https://sp2/saml_login (POST Binding)
SAML Logout Endpoints: https://sp2/saml_logout (POST Binding)
When I log in to only sp1 or sp2 in a browser, the login and logout are normal. When I log out, ADFS invokes the saml_logout interface and carries the correct SAMLResponse.
When I log in to both sp1 and sp2 in one browser, the login is fine. However, when I exit on sp1, ADFS sends a POST to https://sp2/saml_logout via a browser 302 with the SAMLRequest parameter. (When I exit on sp2, ADFS sends a POST to https://sp1/saml_logout through a browser 302, carrying the SAMLRequest parameter.)
According to the SAML protocol, the exit URL sent to SP2 does not pass through the browser (5.3.2 SP-Initiated Single Logout with Multiple SPs of https://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0-cd-02.html).
What are the reasons for this phenomenon?
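The two kinds of POST that the post above describes arriving at a saml_logout endpoint (SAMLResponse in the single-SP case, SAMLRequest in the two-SP case) can be told apart as follows. This is an added example, not part of the original post or of ADFS; the issuer URL, IDs, NameID and session index are constructed sample values, and signature validation is assumed to happen elsewhere.

```python
import base64
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
NS = {"samlp": SAMLP, "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
KINDS = {"SAMLRequest": "LogoutRequest", "SAMLResponse": "LogoutResponse"}

def _text(root, path):
    node = root.find(path, NS)
    return node.text.strip() if node is not None and node.text else None

def classify_logout_post(form_body):
    """Decode the POST-binding form body and describe the logout message in it.
    Signature validation is out of scope here and must happen before acting."""
    form = parse_qs(form_body)
    present = [p for p in KINDS if p in form]
    if len(present) != 1:
        raise ValueError("expected exactly one of SAMLRequest / SAMLResponse")
    param = present[0]
    xml = base64.b64decode(form[param][0], validate=True)  # POST binding: plain base64
    if b"<!DOCTYPE" in xml or b"<!ENTITY" in xml:
        raise ValueError("DTD not allowed in a SAML message")
    root = ET.fromstring(xml)
    if root.tag != "{%s}%s" % (SAMLP, KINDS[param]):
        raise ValueError("%s does not carry a %s" % (param, KINDS[param]))
    info = {"param": param, "message": KINDS[param], "id": root.get("ID"),
            "destination": root.get("Destination"), "issuer": _text(root, "saml:Issuer")}
    if param == "SAMLRequest":   # logout started elsewhere, relayed by the IdP
        info["session_index"] = _text(root, "samlp:SessionIndex")
    else:                        # answer to a LogoutRequest this SP sent earlier
        info["in_response_to"] = root.get("InResponseTo")
        status = root.find("samlp:Status/samlp:StatusCode", NS)
        info["status"] = status.get("Value") if status is not None else None
    return info

def _sample(param, element, attrs, inner):  # constructed messages, not captured traffic
    xml = ('<samlp:%s xmlns:samlp="%s" xmlns:saml="%s" Version="2.0" %s>'
           '<saml:Issuer>http://adfs.example/adfs/services/trust</saml:Issuer>%s</samlp:%s>'
           % (element, SAMLP, NS["saml"], attrs, inner, element))
    return urlencode({param: base64.b64encode(xml.encode()).decode()})

SAMPLE_REQUEST = _sample("SAMLRequest", "LogoutRequest",
    'ID="_req1" Destination="https://sp2/saml_logout"',
    "<saml:NameID>user@example</saml:NameID><samlp:SessionIndex>_sess1</samlp:SessionIndex>")
SAMPLE_RESPONSE = _sample("SAMLResponse", "LogoutResponse",
    'ID="_resp1" InResponseTo="_sp1req" Destination="https://sp1/saml_logout"',
    '<samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>')
```

Comparing the decoded `Destination` with the endpoint's own URL and `InResponseTo` with the ID of the request the SP actually sent are the checks that keep a replayed or misrouted logout message from being accepted.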