Web Policy Agents 2024.3

Enable Invalidate Logout Session

A flag for the agent to invalidate the end user session in AM when it redirects a request to the logout URL:

  • true: Invalidate the user session. The agent deletes its own JWT cookie and invalidates the AM session. Use when the value of Logout URL List is a page in your application, and your application does not handle the session invalidation process.

  • false: Do not invalidate the user session. The agent deletes its own JWT cookie but doesn’t invalidate the AM session. Use when the value of Logout URL List is:

    • A single SAML v2.0 logout page in AM

    • A page of an AM end user

    • A page in your application, and your application does handle the session invalidation process

When Disable Logout Redirection is true, consider setting this property to true.

Default: true

Property name

org.forgerock.agents.config.logout.session.invalidate
  Introduced in Web Agent 5.6

Function

Logout redirect

Type

Boolean: true returns true; all other strings return false.

Bootstrap property

No

Required property

No

Restart required

No

AM console

Tab: AM Services (From AM 7)

Title: Enable Invalidate Logout Session
Copyright © 2010-2024 ForgeRock, all rights reserved.