When a user manually logs out of Aria, or if Aria enforces a session time-out, this is considered a local session logout. When a user manually logs out using the IdP portal, or if the IdP enforces a session-time out, this is considered a IdP session logout.
Aria and third-party IdPs communicate with each other by using SAML 2.0 LogoutRequest and LogoutResponse messages. These messages can be transferred using either front-channel binding (HTTP-Redirect) or back-channel binding (SOAP).
A standard SLO sequence depends on whether the logout request is initiated by Aria, or by the IdP.
If the logout request was initiated by Aria:
If the logout request was initiated by the IdP: