SAP Knowledge Base Article - Public

2177242 - Customer will get error "Logoff only performed locally and not at the identity provider" while performing SSO Logout

Symptom

While Logging out of the system, using SSO ( Single Sign-On ),system throws an error "Logoff only performed locally and not at the identity provider" ( see Below ) instead of normal system logout screen.

 

Sso_logoff.jpg

 

 

Reproducing the Issue

Using SSO, just Logout of the system.

Cause

If you are using ADFS, it could be a setting problem in ADFS configuration.

ADFS: Active Directory Federation Services (ADFS) is a software component developed by Microsoft that can be installed on Windows Server operating systems to provide users with single sign-on access to systems and applications located across organizational boundaries. It uses a claims-based access control authorization model to maintain application security.

 

 

Resolution

The response URL needs to be updated to a landing URL appropriate for you. This is done in ADFS configuration:

Example URL that should be there in the Response URL section: HTTPS://myXXXX-sso.crm.ondemand.com/sap/public/byd/runtime?logoff=2 You may change the system details according to the system that is affected

Here is an example screen in ADFS:

pi_t2.png

 

Keywords

KBA , logoff only performed locally , SRD-CC-IAM , Identity & Access Management , How To

Product

SAP Business ByDesign all versions ; SAP Cloud for Customer add-ins all versions