There are multiple scenarios to sign off a user. As an administrator, you might require one or more sign-off flows because requirements for each application can differ.

This guide provides information for the following use cases:

  • Global single logout (SLO)
  • Per application or partial logout

Each PingAccess sign-off flow is user-initiated, not system-initiated. PingAccess checks if a session is revoked and, if the existing session is found to be revoked, redirects for web. PingAccess doesn't revoke sessions. It checks the revocation status by sending a GET request to that endpoint.

For more information, see Authorization endpoint and Session Revocation API endpoint.


  • PingAccess 6.3
  • PingFederate 10.3