You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am evaluating dockerized MISP for the past few weeks in conjunction with Keycloak for OIDC.
Using MISP/misp-docker I have been able to provide a logout url for OIDC using their OIDC_LOGOUT_URL environment variable for successful logout and redirect to login page. Their script part
In my case I used something along
(Keycloak is unhappy if not specifying the client_id)
I noticed that for your docker image it is currently hardcoded inside the config.php template.
After clicking Logout in MISP I end up with 400 error on a Keycloak page:
Clicking Back to Application then leads me to the original Keycloak login webpage for MISP.
And as mentioned in your OIDC docs - Caveats the user is still logged into Keycloak.
May I suggest to provide a new environment variable like OIDC_LOGOUT_URL to allow overriding the current setting?
This would improve OIDC interaction and provide true logout capability for it.
Kind regards
The text was updated successfully, but these errors were encountered:
Hello everyone
I am evaluating dockerized MISP for the past few weeks in conjunction with Keycloak for OIDC.
Using MISP/misp-docker I have been able to provide a logout url for OIDC using their
OIDC_LOGOUT_URLenvironment variable for successful logout and redirect to login page.Their script part
In my case I used something along
(Keycloak is unhappy if not specifying the
client_id)I noticed that for your docker image it is currently hardcoded inside the config.php template.
After clicking
Logoutin MISP I end up with 400 error on a Keycloak page:Clicking
Back to Applicationthen leads me to the original Keycloak login webpage for MISP.And as mentioned in your OIDC docs - Caveats the user is still logged into Keycloak.
May I suggest to provide a new environment variable like
OIDC_LOGOUT_URLto allow overriding the current setting?This would improve OIDC interaction and provide true logout capability for it.
Kind regards
The text was updated successfully, but these errors were encountered: