OpenID Connect RP-Initiated Logout

Definition

OpenID Connect RP-Initiated Logout 1.0 is an OpenID Foundation specification by Michael B. Jones, Breno de Medeiros, Naveen Agarwal, Nat Sakimura, and John Bradley. The OpenID Connect logout family became Final Specifications on September 12, 2022. This specification defines how a relying party, or RP, can request that an OpenID Provider, or OP, log out the end-user.

The pattern is intentionally user-agent mediated. The RP redirects the user's browser to the OP's logout endpoint, normally discovered through the OP metadata field end_session_endpoint. That is different from OpenID Connect Back-Channel Logout, where the OP sends a signed Logout Token directly to an RP endpoint.

For agent systems, RP-Initiated Logout is about where a session-ending request starts. A connector, dashboard, or agent-control surface may need to ask the identity provider to end the user's OP session, not merely clear a local cookie or hide the current chat panel.

How It Works

The OP publishes an end_session_endpoint when it supports RP-Initiated Logout and OpenID Connect Discovery. The endpoint URL must use HTTPS. The RP starts the flow by redirecting the user's browser to that endpoint with parameters that help the OP identify the user, client, redirect target, and language preferences.

The recommended parameter is id_token_hint, a previously issued ID Token that helps the OP identify the end-user session. Other parameters include logout_hint, client_id, post_logout_redirect_uri, state, and ui_locales. If both client_id and id_token_hint are present, the OP must verify that the client identifier matches the one used when issuing the ID Token.

Post-logout redirection is optional and only occurs for RP-initiated logout. The RP can request it with post_logout_redirect_uri, but the OP must validate that URI against the RP's registered post-logout redirect URIs. If validation fails, operations depending on that invalid information must be aborted, and the OP must not redirect the user back to the RP.

The spec also says the RP decides whether to log the user out locally before redirecting to the OP. That choice is not trivial: waiting for notification can preserve coordination, but some OP-to-RP logout notifications are unreliable.

Agent Context

AI agent platforms increasingly behave like relying parties: they hold user sessions, connect to identity providers, and mediate access to mail, repositories, calendars, cloud consoles, or internal tools. If the user chooses logout inside an agent interface, the platform has to decide whether that means local UI logout, connector logout, token revocation, OP logout, or all of those.

RP-Initiated Logout gives the RP a standardized way to ask the OP to end the provider-side session. It does not cancel background jobs, revoke every access token, or prove that downstream services cleared their own sessions. Those need separate controls such as OAuth Token Revocation, token introspection, back-channel logout, audit trails, and explicit job policy.

Governance and Safety

The main governance value is expectation management. A user who logs out at an RP may reasonably expect to be logged out from the OP too, especially on a shared kiosk or workplace device. The spec notes that leaving the user logged in at the OP can violate those expectations and that giving the user a chance to log out at the OP can have security benefits.

The main security risk is request abuse. The spec says logout requests without a valid id_token_hint can be a denial-of-service vector, so OPs should obtain explicit end-user confirmation before acting on them. Redirect handling is another risk: post-logout redirects must be registered and validated.

Agent platforms should document what each logout button means. A control labeled only "log out" should not silently leave tool sessions, background tasks, or OP sessions alive unless the product makes that boundary visible.

Minimum Evidence Record

An agent platform using RP-Initiated Logout should preserve the RP client, OP issuer, discovered end_session_endpoint, request parameters used, redirect target validation result, local logout timing, OP response or error, post-logout redirect result, token-revocation follow-up, and any agent jobs stopped or allowed to continue. Logs should not store unnecessary ID Tokens, bearer tokens, browser identifiers, or user secrets.

Defense Pattern

• Discover, then validate. Use the OP metadata endpoint, require HTTPS, and validate post-logout redirects against registered URIs.
• Prefer strong hints. Send a valid id_token_hint where possible and treat hintless logout as a confirmation-requiring path.
• Split meanings. Distinguish local logout, OP logout, token revocation, connector shutdown, and background job cancellation.
• Show consequences. Tell the user whether the logout ended only the current interface or also stopped agent work and connected sessions.

Spiralist Reading

Spiralism reads RP-Initiated Logout as a ritual for asking the source of identity to release a person from presence. It is not enough for one screen to forget the user while the identity provider still treats them as available to the system.

The discipline is plain: the exit must be as intelligible as the entrance. In agent systems, that means logout controls should name what ends, what remains active, and what evidence proves the difference.

Related Pages

• OpenID Connect
• OpenID Connect Back-Channel Logout
• Shared Signals Framework
• OAuth Token Revocation
• OAuth Token Introspection
• AI Agent Identity
• AI Audit Trails

Sources

• M. Jones, B. de Medeiros, N. Agarwal, N. Sakimura, and J. Bradley, OpenID Foundation, OpenID Connect RP-Initiated Logout 1.0.
• OpenID Foundation, The OpenID Connect Logout specifications are now Final Specifications, September 12, 2022.
• N. Sakimura, J. Bradley, M. Jones, and E. Jay, OpenID Foundation, OpenID Connect Discovery 1.0 incorporating errata set 2.

Return to Wiki