Authentication with oAuth / openID is possible.
But there is no way to set up a logout callback URL. The session on the identity provider remains active and valid.
As long as the session on the identity provider is valid, a single click on “Sign in with oAuth” will re-activate the last login.
From my point of view this is a real security issue. The user might think he is logged out on the identity provider which he was using for the login, but only the current session in persioned is cleared.
Best answer by International Support TeamView original