Github user Trojan295 commented on the issue:
https://github.com/apache/nifi/pull/2830
I added a fallback to simply redirect back to NiFi in case the end session
endpoint isn't present.
Tricky thing is, that NiFi automatically starts an login attempt, when an
unauthenticated user accesses NiFi. In case of an IDP like Keycloak, which has
the end session endpoint, then after logout the user is redirected back to
Keycloaks login page.
In case of Google OpenID he gets redirected to them and the SSO mechanism
logs the user again...
---
