Customizing Single Logout Using Journeys, Conclusion & Recap

This concludes the series Customizing Single Logout Using Journeys. It contains links to each individual section as well as the completed Journey utilizing the skills learned in each section.


By using Journeys, we are able to capture a user’s session, control external sessions via API calls, terminate their ForgeRock session, and redirect them to custom endpoints. Effectively, Journeys let us create Universal Single Logout regardless of the implementation from an external application.

While building this universal logout, we additionally learned the following skills:

  1. Capturing the user’s existing browser session
  2. Sending out an external API request to terminate an external session
  3. Invalidating the user’s ForgeRock session
  4. Redirecting the user to a custom URL

These toolsets should give you the confidence and power to create an endless number of interesting and useful Journeys for your users and your team.

The Completed Journey

The complete Journey, using the Journeys developed in the previous parts, can be found here:

Customizing Single Logout Using Journeys, Complete

A consolidated version of the Journey, without inner trees or testing output, can be found here:

Customizing Single Logout Using Journeys, Consolidated

Enhancements/Next Steps

  • As noted in previous sections, consider using Library Scripts for common/reusable actions such as gathering cookie data, accessing IDM attributes, and calling external APIs. This will greatly improve your code reusability across your Journeys.
  • Depending on your use case, consider updating your error messages to more robustly inform the user (and you!) what went wrong during the execution of the Journey.
  • To more easily manage and understand attributes on your Identities when referencing in code and in the administrative console, consider adding custom attributes.

Further reading

1 Like