How does SAML Single Logout Request work?Overview In the Identity Provider form, we have an attribute 'Identity Provider's SingleLogoutRequest' which says 'The Identity Provider's SingleLogoutRequest service endpoint. The LogoutRequest will be posted to this URL as the SAMLRequest parameter'. How does Single Logout Request work?Is there a way to close the user's session on the Identity Provider side when they logout from ServiceNow? In Single Sign-On (SSO), this is how Single Logout Request works The Service Provider (ServiceNow instance in our case) generates a LogoutRequest SAML message and returns it to the user's browser. This validates the request to the Identity Provider.The Identity Provider's Single Logout Endpoint is appended with the LogoutRequest, which is a dedicated URL that expects to receive SingleLogout requests. This entire URL is returned to the user’s browser via a 302 HTTP redirection response.The browser follows the redirect and requests the IdP’s SingleLogout URL with the Logout Request in the query string.The Identity Provider determines the other Service Providers that support SingleLogout to which the end-user received Single Sign-On during the current logon session. The IdP then iteratively does the following for each participating Service Provider: Generates a new LogoutRequestRedirect user’s browser to that Service Provider’s SingleLogout endpointWaits for a LogoutResponse from the Service Provider via the user’s browser Each Service Provider terminates its own logon session for the user after receiving and validating the LogoutRequest from the Identity Provider.The Identity Provider terminates its own logon session and sends a final LogoutResponse message that to the initiating Service Provider. This matches the original LogoutRequest it sent in step 1. The response includes a flag telling the originating Service Provider whether SAML Single Logout was either fully or partially completed.The Service Provider displays a logout page to the user. Additional Information How to set up SingleLogoutRequest service URL in ServiceNow? How to enable signed logout requests in ServiceNow? 'Identity Provider's SingleLogoutRequest' value needs to be empty if an Identity Provider Server does not support Single Logout Request. This may also cause an error page at the time of 'Test Connection'. Clear the value, save the record and run a test again.