LogoutEndpoint (Keycloak REST Services 12.0.2 API)

java.lang.Object
- org.keycloak.protocol.oidc.endpoints.LogoutEndpoint

public class LogoutEndpoint
extends Object

Author:: Stian Thorgersen

Constructor Summary

Constructors
Constructor and Description

LogoutEndpoint(TokenManager tokenManager, RealmModel realm, EventBuilder event)

Constructors
Constructor and Description
`LogoutEndpoint(TokenManager tokenManager, RealmModel realm, EventBuilder event)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`javax.ws.rs.core.Response`	`backchannelLogout()` Backchannel logout endpoint implementation for Keycloak, which tries to logout the user from all sessions via POST with a valid LogoutToken.
`javax.ws.rs.core.Response`	`logout(String redirectUri, String encodedIdToken, String postLogoutRedirectUri, String state, String initiatingIdp)` Logout user session.
`javax.ws.rs.core.Response`	`logoutToken()` Logout a session via a non-browser invocation.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

LogoutEndpoint

public LogoutEndpoint(TokenManager tokenManager,
                      RealmModel realm,
                      EventBuilder event)

Method Detail

logout

@GET
public javax.ws.rs.core.Response logout(@QueryParam(value="redirect_uri")
                                             String redirectUri,
                                             @QueryParam(value="id_token_hint")
                                             String encodedIdToken,
                                             @QueryParam(value="post_logout_redirect_uri")
                                             String postLogoutRedirectUri,
                                             @QueryParam(value="state")
                                             String state,
                                             @QueryParam(value="initiating_idp")
                                             String initiatingIdp)

Logout user session. User must be logged in via a session cookie. When the logout is initiated by a remote idp, the parameter "initiating_idp" can be supplied. This param will prevent upstream logout (since the logout procedure has already been started in the remote idp).

Parameters:: redirectUri -; initiatingIdp - The alias of the idp initiating the logout.
Returns:

logoutToken
```
@POST
 @Consumes(value="application/x-www-form-urlencoded")
public javax.ws.rs.core.Response logoutToken()
```
Logout a session via a non-browser invocation. Similar signature to refresh token except there is no grant_type. You must pass in the refresh token and authenticate the client if it is not public. If the client is a confidential client you must include the client-id and secret in an Basic Auth Authorization header. If the client is a public client, then you must include a "client_id" form parameter. returns 204 if successful, 400 if not with a json error response.

Returns:

backchannelLogout
```
@Path(value="/backchannel-logout")
 @POST
 @Consumes(value="application/x-www-form-urlencoded")
public javax.ws.rs.core.Response backchannelLogout()
```
Backchannel logout endpoint implementation for Keycloak, which tries to logout the user from all sessions via POST with a valid LogoutToken. Logout a session via a non-browser invocation. Will be implemented as a backchannel logout based on the specification https://openid.net/specs/openid-connect-backchannel-1_0.html

Returns:

Class LogoutEndpoint

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

LogoutEndpoint

Method Detail

logout

logoutToken

backchannelLogout