- From: Cullen Jennings <fluffy@iii.ca>
- Date: Sat, 5 Sep 2015 07:44:56 -0600
- To: Martin Thomson <mt@mozilla.com>, Eric Rescorla <ekr@rtfm.com>
- Cc: public-webrtc <public-webrtc@w3.org>
So imagine I am using a computer at internet cafe with some WebRTC app that uses Identity. It seems that I probably want to log off when I am done to invalidate the session cookie that got installed to talk to the IdP. I suspect we want to pass a logoutUrl much the same way we pass a loginURL. I would not want the user to have to know to go to the identity server page to logout there as wells as the app they are using. Does that sound right to you guys or am I missing some other way this happens?
Received on Saturday, 5 September 2015 13:45:18 UTC