After the new trend ofSingle page applications, it became more and more popular and used by many domains. Before that authentication for the traditional web apps for a round-trip to the server was working great. Then how do we do authentication in single page applications?
As we all know IdentityServer is built with the concept of the central identity provider and it is supporting single sign-on by default as part of its main feature, but the single sign out is not coming as a part of inbuilt feature till IdentityServer3. Now they have added support for front-channel and back-channel specification for server-side clients in IdentityServer4. Here, I am going to explain how single sign out works using back-channel configurations.
Web security is the first step towards creating any user applications now a days. It is not just enough to secure application with simple password authentication and use simple cookie/session for further user state management, rather than we need to use some strong authentication mechanism using different authentication protocols like OAuth 2.0, OpenId Connect, SAML2, WS-Federation etc.
Here I am going to demonstrate IdentityServer4, which is open source authentication provider built on the top of OpenId Connect and OAuth 2.0.