Single sign out

Hi,

I’m using oauth to do single sign in to grafana but single sign out doesn’t seem to work…
Is this implemented ?? or am I misconfiguring something ?

Thanx !

what do you mean single signout? does sign out not work? or do you want to be able to sign out from all devices from one login?

I’m combining multiple gui’s of which grafana is one, I’m using keycloak to do user authorization and authentication.

Sign out works from the grafana UI but I would like to sign out using keycloak.
I present the graphs from a site where I embed the graphs in an iframe.
As I only show the graph (not the menu, so not the logout button) it would be nice if grafana fully intergrated with keycloak.

So in short, I want to sign out of all “things” (cms, grafana, provisioning-server, vpn-server) with one button on the cms frontend and with the session timout in keycloak.

Hi Peter,
I’m also facing the same issue with keycloak. Were you able to resolve it? If so can you please share the approach.

Hi Aruna,

No, I didn’t resolve it yet…
As our users don’t share computers it’s also not a very big problem… so users just stay logged in till timeout.

1 Like

Is single sign out implemented?

Yes, https://github.com/grafana/grafana/pull/12077

@jangaraj How this feature can be implemented, Is there any documentation for this?

Check your defaults.ini:

# URL to redirect the user to after sign out
signout_redirect_url =

Try to use your OAuth logout endpoint there. Another ref: https://github.com/grafana/grafana/issues/9847

@jangaraj How can I trigger signout_redirect_url from my application. I want grafana to be logged out When I logout of My application.

Sorry, this is a forum about Grafana and not about your application, so I can’t help you.

@jangaraj Is there any option to logout the user from the application by using API?
clearing cookie is not helping me to logout

Did anyone find a solution for this problem? I know keycloak has backchannel logouts which is something that grafana has to implement somehow to support this use case?

Any work around on this problem solution? I am still looking for solution.