Skip to main content
Skip table of contents

Override Local Logout with Single Logout in SAML

In some cases, the local logout for platform users is not enough and in a SAML scenario, the user should also be logged out of the Identity Provider. To do that, the user has to be sent to the SAML logout URL instead of the regular logout URL

Step-by-step guide

This step-by-step guide assumes you are using the predeployed version of the iGrafx Platform and your IDP is set up to allow SingleLogout requests. When using the WAR or EAR file, the portalshared.ftl file will have to be extracted from within the EAR/WAR file.

  1. Create a new folder extensions/samllogout/WEB-INF/templates in your base directory, including all subdirectories
  2. Copy the file apache-tomcat-8.5.xx/igrafx/iGrafxWebApp/WEB-INF/templates/Decorator/applicationheader.ftl from your installation directory into the newly created extension directory
  3. Edit the file in the extension directory and replace the one occurrence of href="/logout" with href="/saml/logout", then save the file
  4. Restart your iGrafx Platform
  5. Your logout button should now log you out of the iGrafx Platform and afterwards redirect you to your IDP logout.


Only use this if you are using SAML authentication and your FederationMetadata.xml file contains a <SingleLogout> element that tells the iGrafx Platform where the IDP logout service is available, otherwise this feature will not work.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.