This document describes how to configure Single Logout for AD FS.
Begin configuration by navigating to your ADFS IDP and select Single Logout from the navigation menu. The logout URL should be populated and you can enable Single Logout and click "Save":
Read the following if the SAML provider logout URL for ADFS isn't already configured:
We next need to configure ADFS. This will also be done by doing a metadata refresh. Open the AD FS Management application and navigate to Relying Party Trusts. Find the relying party for your application and right click it for this menu:
Click the Update button in the dialog that pops up.
To verify the import was successful, you may optionally right click the relying party again and this time select Properties. Navigate to the Endpoints tab and you should see that SAML Logout Endpoints have been detected:
Single Logout should now be enabled and working for new AD FS logins.
Clicking logout from the Atlassian app should now also terminate the user's ADFS session.
Users can also initiate logout from ADFS (IDP initiated logout), which will now also notify/terminate the Atlassian session (if initiated in the same browser - see section on caveats for more information).