OpenIDC/mod_auth_openidc

id_token_hint is missing on logout redirect

kbejjipuram opened this issue · 1 comments

We use below configuration to make sure the AuthN/AuthZ works for multiple Apache web server instances under load balancer. All works well but after adding this we are noticing the logout redirect is NOT adding id_token_hint anymore which is resulting in inconsistent behavior upon logout.

OIDCSessionType client-cookie

Could you please check and suggest if we need to add any additional OIDC property to Apache to get this id_token_hint to be added to logout URL.

Upon logout we just see this post_logout_redirect_uri is being added and we lost this id_token_hint !!!