Single log-out (SLO) with Message Level Encryption (MLE)

We are authenticating to FTN through Signicat with OIDC. And due to requirements from Traficom, we are using Message-Level Encryption for authentication. We would like to use Single log-out, and to do it automatically without prompting the user.

The problem is: the endsession endpoint seems to accept only a decrypted id_token, which we could not send, as it includes personally identifiable information. Could it be somehow done with an encrypted id_token (nested JWT)?

Hi,
Thank you for your questions.

We have previously responded to you via our support system about this, but want to share some of the information here as well to make it visible for the rest of our community members.

Currently, the endsession endpoint requires a decrypted id_token, which means it’s not possible to use a fully encrypted (nested JWT) token in the logout flow, even when using Message-Level Encryption as required by Traficom.

For more details, please refer to our documentation:

Hi, thanks for the reply.

Currently…

So does this mean that it could start working in the near future? Or is it just a dead end and we won’t get our automatic log out?
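
The following is an added example, not part of the thread and not Signicat's code. It tells a nested (encrypted) id_token from its inner signed form and lists which non-protocol claims would travel in `id_token_hint` if the decrypted token were sent. The `PROTOCOL_CLAIMS` list and both sample tokens are constructed assumptions, and no signature is verified.

```python
import base64
import json

# Assumed for this example: claims treated as protocol state, not personal data.
PROTOCOL_CLAIMS = {"iss", "sub", "aud", "exp", "iat", "nbf", "auth_time",
                   "nonce", "acr", "amr", "azp", "sid", "jti", "at_hash", "c_hash"}

def _seg(obj):
    """Encode a dict as an unpadded base64url JSON segment (for sample data)."""
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

def _b64url_json(segment):
    """Decode one base64url segment, restoring padding, into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))

def classify_token(token):
    """Return 'JWE' for a 5-part compact token, 'JWS' for a 3-part one."""
    parts = token.split(".")
    header = _b64url_json(parts[0])
    if len(parts) == 5 and "enc" in header:
        return "JWE"
    if len(parts) == 3 and "alg" in header:
        return "JWS"
    raise ValueError("not a compact JWS or JWE")

def hint_exposure(token):
    """Names of non-protocol claims that id_token_hint would carry.

    Rejects a still-encrypted token, since the thread states that the
    endsession endpoint does not accept a nested JWT. Signature not checked.
    """
    if classify_token(token) == "JWE":
        raise ValueError("encrypted (nested JWT); endsession needs the inner JWS")
    claims = _b64url_json(token.split(".")[1])
    return sorted(set(claims) - PROTOCOL_CLAIMS)

# Constructed samples: a signed id_token and its encrypted wrapper (dummy bodies).
SAMPLE_JWS = ".".join([
    _seg({"alg": "RS256"}),
    _seg({"iss": "https://idp.example", "sub": "abc", "aud": "client",
          "given_name": "Test", "birthdate": "1970-01-01"}),
    "c2ln"])
SAMPLE_JWE = ".".join([
    _seg({"alg": "RSA-OAEP", "enc": "A256GCM", "cty": "JWT"}),
    "a2V5", "aXY", "Y3Q", "dGFn"])

if __name__ == "__main__":
    print(classify_token(SAMPLE_JWE), hint_exposure(SAMPLE_JWS))
```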