OIDCProviderRevocationEndpoint will not accept empty string to bypass revocation #1203
Unanswered
SarahBachman
asked this question in
Q&A
Replies: 1 comment
-
OIDCProviderRevocationEndpoint "" should work >= 2.4.14 and just re-confirmed with 2.4.15.3, it seems you have installed a version >= 2.4.0 < 2.4.14 which would not accept an empty string |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Recently updated from v2.3.8.1 -> v2.4.15.3 on one of our legacy sites. It did not use to try to call the revoke url as we don't need it to. After updating, our logout time increased exponentially, and I found a message in our logs referencing a revocation url call timeout (I'm assuming it times out because we don't have any url for this setup).
I am trying to prevent the revocation completely at this point and read in the release notes that I should be able to configure an empty string for OIDCProviderRevocationEndpoint and bypass revocation. However, I keep getting errors for every iteration of an empty string.
Am I missing something here? Is there a specific empty string configuration I should be using?
Beta Was this translation helpful? Give feedback.
All reactions