Question / Problem
I want to call the logout API of the Kintone app from my own app (calling the logout API outside the Kintone app). Is there any way to do this? Thank you very much
I want to call the logout API of the Kintone app from my own app (calling the logout API outside the Kintone app). Is there any way to do this? Thank you very much
Hello @Hoang_Viet
I'm not fully sure of your goal, but here's an example of how I did this from the console using an iframe:
function kintoneLogout() {
var logoutUrl = 'https://[your-subdomain].cybozu.com/logout';
var iframe = document.createElement('iframe');
iframe.style.display = 'none';
iframe.src = logoutUrl;
iframe.onload = function() {
console.log('Logged out successfully');
setTimeout(() => {
window.location.href = 'https://[your-subdomain].cybozu.com';
}, 1000); // Optional timeout before redirect
};
iframe.onerror = function() {
console.error('Logout failed');
};
document.body.appendChild(iframe);
}
// Call the logout function
kintoneLogout();
We enable SAML authentication and configure cybozu to call our IDP server. We want to be able to manage each user's login_histories and be able to logout users through our portal page.
Please help me, thank you
Hello @Hoang_Viet
Kintone does not offer a specific API for directly accessing audit logs or user login histories. You can view user login histories through the audit log feature in the Kintone admin settings, but this data cannot be retrieved programmatically via the Kintone API.
For tracking and managing login histories, especially with SAML authentication, you should rely on your Identity Provider (IDP). Most IDPs provide audit logs and APIs to monitor user authentication events.
To log out users from Kintone using your IDP, utilize the Single Logout (SLO) functionality typically offered by IDPs. SLO enables simultaneous logout from multiple applications, including Kintone, triggered by a logout request from the IDP. Implementing SLO and configuring a custom logout handler on your portal page ensures effective management of user logouts.
After further investigation, Kintone does not currently support Single Logout (SLO) as part of its SAML authentication implementation. This means there isn't a specific logout URL in Kintone to handle logout requests from the Identity Provider (IDP). As Kintone also lacks a logout API, you would need to use your IDP's logout URL to log out the user from the IDP session.