Does Okta support IDP initiated Logout, meaning if I were to log out of Okta, I would also want to be logged out of a SP.
Is there a config in Okta where we could specify a SP endpoint, where I can receive a notification/response so that we can invalidate the user’s SP session?
Can SP make the call to session’s API : GET
In the docs, it says that this is an admin operation and requires an API token.
We wanted to use this API to do a heartbeat check with Okta, to see if user’s Okta session is still valid?
Do you have any other recommendation?
Consider this scenario :
A user logs into Okta, selects SP app from applications and is redirected to SP. User is now terminated from the organization, and looses access to Okta. How would SP know that, so that they can terminate his session with SP app?
Any inputs would be appreciated.