If any of your protected resources have a logout page or button, you need to redirect the user’s logout request to Access Gateway logout page. Access Gateway can then clear the user’s session and log out the user of any other resources that have been enabled for single sign-on. If you do not redirect the user’s logout request, the user is logged out of one resource, but the user’s session remains active until inactivity closes the session. If the user accesses the resource again before the session is closed, single sign-on reauthenticates the user to the resource.
Click Devices > Access Gateways > Edit > Reverse Proxy / Authentication.
In the Embedded Service Provider section, view the path to the AGLogout page in Logout URL.
Logout URL displays the URL that you need to use for logging out users out of protected resources. This option is not displayed until you create at least one reverse proxy with a proxy service. If you create two or more reverse proxies, you can select which one to be used for authentication and the logout URL changes to match the assigned reverse proxy. For information about how to change an authentication proxy, see Changing the Authentication Proxy Service.
Redirect application logout requests to the AGLogout page.
Click OK.
Access Gateway does not support the following logout pages that were used in previous version of Access Manager and iChain:
/cmd/BM-Logout
/cmd/ICSLogout