Early Preview
This is currently very much a preview. Please feel free to try things out,
but don't be upset if anything is not yet working. Feedback is welcome over on our
GitHub Dicussions page.
enum Duende.IdentityServer.Validation.EndSessionHintValidationOutcome
Assembly: Duende.IdentityServer
Represents the outcome of validating an id_token_hint's claims (sub/sid) against the current user session during an end session (logout) request.
Values
Valid
The id_token_hint's claims match the current session. Proceed with logout.
Invalid
The id_token_hint's claims do not match the current session. Reject the logout request.
RequiresConfirmation
The session match is uncertain. Proceed with logout but require the user to confirm.
The logout UI will show a confirmation prompt ( <see cref="P:Duende.IdentityServer.Models.LogoutRequest.ShowSignoutPrompt" /> will be <c>true</c> ).
<para>
Note: <see cref="F:Duende.IdentityServer.Validation.EndSessionHintValidationOutcome.RequiresConfirmation" /> is advisory — the logout UI must respect
<see cref="P:Duende.IdentityServer.Models.LogoutRequest.ShowSignoutPrompt" /> for the confirmation to be enforced.
Custom logout UI implementations must check this property to meet the OIDC spec's
requirement to prompt the user when the id_token_hint does not match the current session.
</para>