Enterprise Edition
Configuring single logout
-
Last updated: June 6, 2024
-
Read time: 1 Minute
Burp Suite Enterprise Edition provides optional support for single logout (SLO). You can configure SLO after you configure SAML SSO.
If you enable SLO, users are automatically logged out of the identity provider when they log out of Burp Suite Enterprise Edition. This prevents users from inadvertently remaining logged in to multiple applications.
To configure single logout:
- Generate a new self-signed x509 certificate.
- Log in to Burp Suite Enterprise Edition as an administrator.
- From the settings menu , select Integrations.
- On the SAML tile, click Edit.
- In Relying trust information, copy the Relying party single logout URL. Leave this page open.
- Go to your identity provider's admin panel and edit the SAML settings for your Burp Suite Enterprise Edition integration.
- Paste the URL from your clipboard into the appropriate field.
- Obtain the Single Logout URL from your identity provider. This may have a different name depending on your identity provider.
- In Burp Suite Enterprise Edition, select Use single logout.
- In the Identity provider single logout URL field, enter the URL you obtained from your identity provider.
- Paste your self-signed certificate in Service provider certificate.
- Paste the private key for your certificate in Service provider private key.
Note
Some identity providers, such as Okta, require that Burp Suite Enterprise Edition signs all the single logout messages that it generates. This is necessary to verify that they come from a trusted source. In this case, you may also need to upload the certificate that you generated to your identity provider.