Logging out of apps with Single Sign-On (SSO)

Tags NetID sso

Single Sign-on (SSO) provides access to a large number of applications and services provided by Towson University. Please refer to this article first: Logging in with Single Sign-on if you are looking for help with how to log in and access apps and services. 

Logging out of a Single Sign-On application ('log out') means ending your current session with that app. In some cases you may also want or need to log out of all SSO apps. We'll explain how to log out, and when logging out might be advisable. 


Why log out: Security/Privacy, and switching users 

  • Using Personal or Shared/Public Devices:  
    • Scenarios: Accessing TU apps and services from a public or shared device, such as in a computer lab, the Library, internet café, a shared office computer, or a personal device (non-TU owned/managed).  
    • Benefit: Security and Privacy: Logging out prevents subsequent users from accessing your data and helps keep you and the university secure by protecting privacy and sensitive information. 
  • Switching Accounts
    • Scenario: A user needs to switch between different NetIDs, such as Student or Faculty/Staff accounts. 
    • Benefit: Usability with multiple accounts: Logging out of one account and into another ensures that the correct data and settings are applied for each account, avoiding confusion and keeping your sessions separate.

 

How to log out of a single application -or- log out of all SSO apps

  • Coming soon: July 2024 - Logging out of a single app. Click 'log out' (or 'sign out', or equivalent) directly from within the app you are using. This method allows you to log out of a specific app. 
    1. Your session for that app is ended and you will be redirected to the SSO Logoff page. 
    2. Note: If you visit that app again, you may be logged back in automatically (or you may be prompted for which account you want to use). 
    3. Also note: You will also have the option to completely log off from ALL SSO apps by clicking the button on the page (see the next bullet below). 
 
  • Logging out of SSO entirely (all apps). Visit the SSO Logoff page and/or log out of all SSO Apps 
    1. Visit https://logout.towson.edu and click the logoff button.
    2. Performing this step will log you out from ALL SSO apps (including Microsoft 'Office' 365 Apps)
    3. If you wish to access Microsoft M365 or any other SSO apps again, you will need to log in again to establish a new SSO session, Duo MFA may be required.

 

Additional considerations

  • On TU-managed Windows devices, your access to single sign-on apps is tied to your NetID login on that managed device. To log off, just close your browser and/or lock or log out of your device. 

  • There may be exceptions where 'log out' still doesn't work so well. 'Log out' functionality is provided by individual app developers (the companies or organizations that create apps) and there may be some apps that don't handle 'log out' well.  
    • The majority of SSO apps support the methods described above, but some may not. For these exceptions, the recommended action is to close your browser and/or lock your device when you're done. 
    • The Office of Technology Services (OTS) doesn't always have the ability to change how 'log out' works for individual Single Sign-on apps.  
    • If you have a question or concern about a specific SSO app, please open a ticket (instructions below). 
  • Certain apps that provide access to sensitive or privileged data may require you to sign in more frequently as a security enhancement. These apps will automatically log you out after a period of inactivity. You may need to log back in to these apps every 8 hours. 

 

If you still have questions or need help, please submit a TechHelp ticket: Service - Active Directory & SSO

Print Article

Details

Article ID: 150350
Created
Thu 4/4/24 9:41 AM
Modified
Tue 7/2/24 10:49 AM

Related Articles (1)

This knowledge base article covers how to log in with Single Sign-on and how Faculty and Staff will use Duo for multi-factor authentication at login.