adfs sign out page

%3CLINGO-SUB%20id%3D%22lingo-sub-33686%22%20slang%3D%22en-US%22%3Eadfs%20sign%20out%20page%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-33686%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%3EWe%20are%20looking%20to%20leverage%20ADFS%203.0%20with%20our%20new%20HRIS%20system%20(Workday).%20we%20have%20several%20shared%20auto-logon%20workstations%20that%20are%20used%20by%20our%20staff.%20We%20are%20testing%20a%20scenario%20where%20we%20put%20ADFS%20for%20our%20shared%20device%20in%20a%20GPO%20that%20sets%20our%20ADFS%20site%20as%20trusted%20site%20so%20their%20AD%20creds%20are%20not%20automatically%20passed%20and%20they%20are%20prompted%20to%20sign-in.%20upon%20signing%20out%2C%20I%20would%20like%20to%20ensure%20that%20if%20they%20don%E2%80%99t%20close%20the%20browser%20that%20the%20session%20cookie%20is%20removed.%20forcing%20authentication%20again%20should%20they%20go%20to%20the%20workday%20site.%20%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3Edoes%20anyone%20have%20any%20good%20ways%20to%20accomplish%20this%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3Ewe%20have%20configured%20our%20logout%20endpoint%20as%20%3CA%20href%3D%22https%3A%2F%2Fadfs.domain.com%2Fadfs%2Fls%2F%3Fwa%3Dwsignout1.0%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fadfs.domain.com%2Fadfs%2Fls%2F%3Fwa%3Dwsignout1.0%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3Ewe%20get%20a%20notice%20that%20you%20have%20been%20signed%20out%20but%20if%20i%20don't%20close%20the%20browser%2C%20and%20go%20to%20the%20url%20for%20workday%20..%20I%20am%20signed%20in%20as%20the%20previous%20users.%20%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EThanks.%20%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-33686%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAuthentication%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-38595%22%20slang%3D%22en-US%22%3ERe%3A%20adfs%20sign%20out%20page%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-38595%22%20slang%3D%22en-US%22%3EI%20think%20this%20is%20a%20duplicate%2Foriginal%20of%20another%20post%20you%20did%2C%20but%20I%20found%20this%20page%20which%20might%20help%3A%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fcommunity.dynamics.com%2Fcrm%2Ff%2F117%2Ft%2F151740%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fcommunity.dynamics.com%2Fcrm%2Ff%2F117%2Ft%2F151740%3C%2FA%3E%3C%2FLINGO-BODY%3E
Contributor

We are looking to leverage ADFS 3.0 with our new HRIS system (Workday). we have several shared auto-logon workstations that are used by our staff. We are testing a scenario where we put ADFS for our shared device in a GPO that sets our ADFS site as trusted site so their AD creds are not automatically passed and they are prompted to sign-in. upon signing out, I would like to ensure that if they don’t close the browser that the session cookie is removed. forcing authentication again should they go to the workday site.

does anyone have any good ways to accomplish this?

we have configured our logout endpoint as https://adfs.domain.com/adfs/ls/?wa=wsignout1.0

we get a notice that you have been signed out but if i don't close the browser, and go to the url for workday .. I am signed in as the previous users.

 

Thanks.

 

1 Reply
I think this is a duplicate/original of another post you did, but I found this page which might help:
https://community.dynamics.com/crm/f/117/t/151740