Universal Logout
Universal Logout lets you terminate users' sessions and their tokens for supported apps when Identity Threat Protection identifies a change in risk.
A user session is the time during which a user is authenticated and authorized to access apps secured by Okta. An app session refers to sessions that an app generates to allow users to access the app's resources.
You can trigger Universal Logout actions as a response to the post auth session and entity risk policies. You may also end a user session manually from the user risk profile. And you can configure Universal Logout to terminate users' sessions in generic Security Assertion Markup Language (SAML) and OpenID Connect (OIDC) apps.