Description
When I use single logout in Shibboleth SAML IDP (as a part of Gluu IAM), it logs out all the relying parties in iframes from its single logout page. Zoom properly answers with Set-Cookie headers that effectively log the user out. Unfortunately, as this is loaded in iframe, those Set-Cookie do not affect the “main” cookies in modern browsers and the user is not logged out.
Error
No error message per see. Chromium displays the following in its network log “this Set-Cookie didn’t specify a “SameSite” attribute and defaulted to samesite=lax and was blocked because it came from the cross-site response which was not the response to a top-level navigation. The Set-Cookie had to have been set with “SameSite=None” to enable cross-site requests.”
Which App Type (OAuth / Chatbot / JWT / Webhook)?
SAML
Which Endpoint/s?