Hi Zachary Parrott,
(Edited for clarity) According to Robin Cottiss:
Your Idp needs to support SLO and would need to advertise that fact in it's metadata. A lot of Idp's do not support SLO, or do it in a way that does not match Tableau's expectation.
Are you able to configure Siteminder for SLO? Also - be careful with what you mean by SLO - many customers don't really want SLO they want Tableau Sign Out but to leave the Idp session alive. That can be tricky to set up.
Lénaïc RIÉDINGER, Global Community Engineer Tableau
If you see a Helpful or Correct response, please mark it thanks to the buttons below the targeted post!
I did read the forum post you are referencing (I do not see a Sign Out option with SAML enabled on Tableau Server 9.3 ) but it does not provide the information I am looking for. To clarify, I am actually looking for true Single Logout where both sessions are invalidated.
Like I said in the original post, our IdP does support Single Logout and it is defined in the metadata. Single Logout works as expected when Tableau server is set to Server-Wide SAML Authentication. It does not work when Tableau server is configured with Site Specific SAML with Local Authentication. I just want to know if Tableau supports Single Logout for Site Specific SAML with Local Authentication.
Indeed, it was a possible answer from Robin (thanks!)
I'm sad to learn it didn't help.
I've raised this thread, hopefully one of the experts on our forums can help you better than I did..!