keycloak-scim/topics/saml/java/general-config/idp_singlelogoutservice_subelement.adoc


===== IDP SingleLogoutService sub element

The `SingleLogoutService` sub element defines the logout SAML endpoint of the IDP. 

[source,xml]
----
<SingleLogoutService validateRequestSignature="true"
                     validateResponseSignature="true"
                     signRequest="true"
                     signResponse="true"
                     requestBinding="redirect"
                     responseBinding="post"
                     postBindingUrl="posturl"
                     redirectBindingUrl="redirecturl">
----

signRequest::
  Should the client sign logout requests it makes to the IDP? _OPTIONAL._.
  Defaults to whatever the IDP `signaturesRequired` element value is. 

signResponse::
  Should the client sign logout responses it sends to the IDP requests? _OPTIONAL._.
  Defaults to whatever the IDP `signaturesRequired` element value is. 

validateRequestSignature::
  Should the client expect signed logout request documents from the IDP? _OPTIONAL._ Defaults to whatever the IDP `signaturesRequired` element value is. 

validateResponseSignature::
  Should the client expect signed logout response documents from the IDP? _OPTIONAL._ Defaults to whatever the IDP `signaturesRequired` element value is. 

requestBinding::
  This is the SAML binding type used for communicating SAML requests to the IDP _OPTIONAL._.
  The default value is POST, but you can set it to REDIRECT as well. 

responseBinding::
  This is the SAML binding type used for communicating SAML responses to the IDP The values of this can be POST or REDIRECT _OPTIONAL._.
  The default value is POST, but you can set it to REDIRECT as well. 

postBindingUrl::
  This is the URL for the IDP's logout service when using the POST binding. _REQUIRED_ if using the POST binding at all. 

redirectBindingUrl::
  This is the URL for the IDP's logout service when using the REDIRECT binding. _REQUIRED_ if using the REDIRECT binding at all.
initial saml 2016-06-02 16:07:45 +00:00
			`===== IDP SingleLogoutService sub element`

			The `SingleLogoutService` sub element defines the logout SAML endpoint of the IDP.

			`[source,xml]`
			`----`
			`<SingleLogoutService validateRequestSignature="true"`
			`validateResponseSignature="true"`
			`signRequest="true"`
			`signResponse="true"`
			`requestBinding="redirect"`
			`responseBinding="post"`
			`postBindingUrl="posturl"`
			`redirectBindingUrl="redirecturl">`
			`----`

			`signRequest::`
			`Should the client sign logout requests it makes to the IDP? _OPTIONAL._.`
			Defaults to whatever the IDP `signaturesRequired` element value is.

			`signResponse::`
			`Should the client sign logout responses it sends to the IDP requests? _OPTIONAL._.`
			Defaults to whatever the IDP `signaturesRequired` element value is.

			`validateRequestSignature::`
			Should the client expect signed logout request documents from the IDP? _OPTIONAL._ Defaults to whatever the IDP `signaturesRequired` element value is.

			`validateResponseSignature::`
			Should the client expect signed logout response documents from the IDP? _OPTIONAL._ Defaults to whatever the IDP `signaturesRequired` element value is.

			`requestBinding::`
			`This is the SAML binding type used for communicating SAML requests to the IDP _OPTIONAL._.`
			`The default value is POST, but you can set it to REDIRECT as well.`

			`responseBinding::`
			`This is the SAML binding type used for communicating SAML responses to the IDP The values of this can be POST or REDIRECT _OPTIONAL._.`
			`The default value is POST, but you can set it to REDIRECT as well.`

			`postBindingUrl::`
			`This is the URL for the IDP's logout service when using the POST binding. _REQUIRED_ if using the POST binding at all.`

			`redirectBindingUrl::`
			`This is the URL for the IDP's logout service when using the REDIRECT binding. _REQUIRED_ if using the REDIRECT binding at all.`