In a SAML 2.0 federation , the single logout service URL
is used by a partner to contact the Single logout profile. The URL
to initiate the service has the following syntax:
Syntax
https://provider_hostname:port_number/sps/
federation_name/saml20/sloinitial
..?RequestBinding=RequestBindingType
Elements
- https or http
- The URI scheme. https for resources that
are protected by secure sockets layer (SSL). http for
resources that are not protected by SSL.
- provider_hostname
- The hostname of the service or identity provider's point of contact
server.
- port_number
- The port number of the artifact resolution service endpoint. The
default value is 9444.
- sps
- The designation for the Tivoli® Federated
Identity Manager server. This element cannot be changed.
- federation_name
- The name you assign to the federation when you create it.
- saml20
- The designation that SAML 2.0 is used in your federation.
- sloinitial
- This element indicates what type of endpoint is using the port. sloinitialis
used to initiate the single logout service
The following query must also be included:
- RequestBinding
- The binding that is used to send the request. The valid values
are:
- HTTPPost
- HTTPRedirect
- HTTPArtifact
- HTTPSOAP
Examples
- Single logout URL when initiated at service provider:
- The following example shows the single logout URL when initiated
at a service provider in a federation named spfed,
using the SAML 2.0 protocol, HTTPRedirect as the request binding:
https://sp.example.com:9443/sps/spfed/saml20/sloinitial?
RequestBinding=HTTPRedirect
- Single logout URL when initiated at identity provider:
- The following example shows the single logout URL when initiated
at an identity provider in a federation named ipfed,
using the SAML 2.0 protocol, HTTPArtifact as the request binding:
https://idp.example.com:9444/sps/ipfed/saml20/sloinitial?
RequestBinding=HTTPArtifact