...
If the SAML provider logout URL for AAD isn't already configured, this must be configured first:
...
Once SLO has been enabled and the AAD logout URL configured, you now have partial Single Logout (IDP): Users can click "Logout in" the Atlassian app and be signed out of the app and the IDP. The user will land on AAD's logout confirmation page.
| Expand | ||
|---|---|---|
| ||
If the AAD logout URL isn't specified already, you will either need to input this directly in the form Single Logout configuration input, or refresh AAD metadata which we'll do here. Navigate to the Metadata menu. If the metadata URL is already filled you can simply click Save to do the refresh.  Otherwise, you will first need to either obtain the "App Federation Metadata Url", or upload "Federation Metadata XML" as a file (or use XML cut&paste) from AAD. This can be obtained via the AAD management portal. Log into https://portal.azure.com then navigate to Azure Active Directory >> Enterprise Applications >> Atlassian app. Then select Single Sign-on from the menu.  After refreshing metadata, the Single Logout menu page should have a logout URL and you can enable SLO and continue with setup. |
...
Configuring a Logout URL for the service provider (does not work with AAD currently)
...