---
title: SP single logout integration
description: When an SP PingFederate server receives a request for SLO, it redirects the user's browser to the Logout Service as configured in the SP OpenToken Adapter instance. As part of the redirect, PingFederate and the OpenToken Adapter include both an OpenToken and a resumePath query parameter.
component: php
page_id: php:setup:pf_php_ik_sp_single_logout_integration
canonical_url: https://docs.pingidentity.com/integrations/php/setup/pf_php_ik_sp_single_logout_integration.html
revdate: June 21, 2024
---

# SP single logout integration

When an SP PingFederate server receives a request for SLO, it redirects the user's browser to the Logout Service as configured in the SP OpenToken Adapter instance. As part of the redirect, PingFederate and the OpenToken Adapter include both an OpenToken and a resumePath query parameter.

* The OpenToken includes attributes about the user.

* The resumePath query parameter provides the target application URL.

A user can have multiple sessions. This logout sequence, as shown in the following diagram, will occur for each of the user's sessions controlled by the SP PingFederate server.

![kzc1563995588326](_images/kzc1563995588326.jpg)

**Sequence**

1. PingFederate receives an SLO request under the SAML 2.0 protocol.

2. PingFederate, via the OpenToken Adapter, redirects the browser to the Application Server's Logout Service.

3. The Logout Service returns to PingFederate, indicating that the logout was successful.

The code needed to perform an SP SLO is identical to that required for an IdP SLO. (See [Sample code](pf_php_ik_idpslo_sample_code.html).)