MicroStrategy ONE

Enable Single Logout with OIDC Authentication

Starting in MicroStrategy ONE Update 10, you can enable single logout with OIDC authentication for Library Web through Workstation. Instructions for Okta and Azure are detailed below. For other IAMs, after providing the issuer, MicroStrategy displays the logout mode selection if single logout is supported by the provided issuer.

Okta

  1. Configure OIDC login in Workstation using Enable Single Sign-On with OIDC Authentication. If your IdP supports logout mode, the LogOut Mode field appears below Issuer and you can follow this procedure to set up single logout.

  2. In Logout Mode, choose RP-Initiated.

  3. Copy the Logout Redirect URI.

  4. In the Okta console, go to Applications and add the Logout Redirect URI you copied into Sign-out redirect URIs. Use the following format:

    Copy 
    https://domain:port/MicroStrategyLibrary/auth/oidc/logout

  5. Save your changes in Workstation and the Okta console.
  6. Restart the Library server.

Azure

  1. Configure OIDC login in Workstation using Enable Single Sign-On with OIDC Authentication. If your IdP supports logout mode, the LogOut Mode field appears below Issuer and you can follow this procedure to set up single logout.

  2. In Logout Mode, choose RP-Initiated.

  3. Copy the Logout Redirect URI.

  4. In the Azure console, go to Authentication and add the Logout Redirect URI you copied under Redirect URIs. Use the following format:

    Copy 
    https://domain:port/MicroStrategyLibrary/auth/oidc/logout

  5. Save your changes in Workstation and the Okta console.
  6. Restart the Library server.