Configure Universal Logout for third-party apps

Early Access release

Universal Logout lets you terminate users’ sessions and their tokens for supported third-party apps when Identity Threat Protection identifies a change in risk.

Before you begin

  • Ensure that your admin role has permission to manage apps. See the Application management section in Application management.
  • Ensure that Universal Logout supports the app that you want to configure.
  • You must have a service account with the security provider whose app you want to configure.
  • Obtain the credentials that you need to connect Okta to the app.

Start this procedure

Do this procedure in a SAML app that you’ve already integrated. To integrate an app, see Add existing app integrations, and then return to this procedure.

  1. In the Admin Console, go to ApplicationsApplications.
  2. Select an app that supports Universal Logout. See Universal Logout .
  3. On the app’s page, select the Authentication tab.
  4. In the Logout section, click Edit.
  5. Select Okta system or admin initiates logout.
  6. In the API configuration for logout section, enter your admin credentials for the app. The names of these fields are different for each vendor.
  7. Click Connect account, and then complete the app configuration in the pop-up window that appears.
  8. Click Save.

Related topics

Universal Logout

Universal Logout revocations

Manual actions for Identity Threat Protection with Okta AI