TIBCO Spotfire Server will not attempt to log out the user from the OpenID Connector provider when logging out from Spotfire
Article ID: KB0075043
Updated On:
| Products | Versions |
|---|---|
| Spotfire Server | 10.10 and lower |
Description
With OpenID authentication enabled, Spotfire will not attempt to log out the user from the identity provider when logging out from Spotfire. If you click on "Login again" button, the user is logged in automatically without having to provide his credentials again.
Issue/Introduction
This article will give you reason behind why users cannot logout from the Spotfire when they click "Logout" button with SSO enabled.
Resolution
The reason that a new authentication session is established in Spotfire as soon as the user clicks "Log in again" is because that the Identity Provider (Okta or Google or Azure) still maintains an active session for that user. TIBCO Spotfire Server currently doesn’t support any form of Single Logout which would logout the user from both Spotfire Server and the Identity Provider. So since the Identity Provider still has an active session for the user, the user is automatically logged back in to Spotfire.
Feedback
Yes
No
Powered by
