I have Auth0 as a SAML IdP, connected to an AWS Cognito User Pool used as the Service Provider (SP).

Login works fine, but I am having trouble getting Auth0's SAML logout callback to fire at all.

I've followed the guide found here: https://auth0.com/docs/authenticate/login/logout/log-users-out-of-saml-idps#configure-slo-when-auth0-is-the-saml-idp

So far, I have configured a random URL hosted in AWS API Gateway, set up to log all incoming data so I can investigate further usage and payload. I have yet to get any data within this log. FYI, I have tested the endpoint using other means and it is working properly, logging all requests.

Should that work?
Does it have to match the Application's allowed logout URLs for it to work?
Should it be triggered when I call my logout endpoint with client_id properly defined (https://<account>.auth0.com/v2/logout?federated&client_id=XXX)?

What am I missing?

Thanks in advance.

PS: Question originally posted at https://community.auth0.com/t/when-is-the-saml-logout-callback-invoked-with-auth0-as-the-saml-idp/94504

Ricardo Nolde

0 Answers