App Logout philosophy

I was surprised to see that logout is for the app but the session remained and logging back in takes me in without prompting for user name and password. Why have the app logout at all if the session persists? What’s the philosophy for the app logout, i.e. what is it useful for?



You should be able to define Application Sign-On policy, if you need to re-authenticate a user.

As for the philosophy, it’s a philosophical question :smile: Okta provides SSO with multiple integrated applications in your tenant, so if you destroy user session with Okta during your application logout (which is possible), you will ruin user experience, who is expecting, that they are able to sign into other applications after signing out of yours.

thank you for the reply phi1ipp.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.