We’ve successfully accomplished most of our development goals with the Okta integration. However, I’m having a hard time finding documentation on how to allow Okta to sign out of our application. We assume that if the user signs out of Okta, then they should no longer be able to access our application, but we do not know how to configure Okta to call our IDP logout URL when the logout is not initiated by our application.
So here is the scenario. A user is using Okta to login to multiple applications, one of which is ours. The user logs out of Okta through your web interface or some other SLO method, not our application. We would expect Okta to send our IDP a notification to log the user out of our application.
Is this a valid scenario that we need to address? If so, can anyone point me in the right direction to get some help on how to get this working?