GitHub user dosubot[bot] added a comment to the discussion: How to update user datas every they login SSO in Superset 5.0.0?
<!-- Answer --> Superset does not provide built-in combined logout for Azure AD, but you can implement it by customizing the logout flow. The standard approach is to subclass the relevant AuthView (like `SupersetAuthView` or `AuthOAuthView`) and override the `logout` method to first perform the local logout, then redirect the user to Azure AD's logout endpoint. For Azure AD, the logout URL is: ``` https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/logout?post_logout_redirect_uri=<your_superset_login_url> ``` Replace `<tenant_id>` with your Azure AD tenant ID and `<your_superset_login_url>` with your Superset login page URL (e.g., `https://your-superset.example.com/login/`). Here’s a minimal example of how to customize the logout behavior: ```python # custom_auth_view.py from superset.views.auth import SupersetAuthView from flask import redirect, request from urllib.parse import quote class CustomAuthView(SupersetAuthView): @SupersetAuthView.expose('/logout/', methods=['GET', 'POST']) def logout(self): # Perform local logout response = super().logout() # Redirect to Azure AD logout tenant_id = "<your-tenant-id>" post_logout_redirect_uri = quote(request.url_root.strip('/') + self.appbuilder.get_url_for_login) azure_logout_url = ( f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/logout"; f"?post_logout_redirect_uri={post_logout_redirect_uri}" ) return redirect(azure_logout_url) ``` Then, in your `superset_config.py`, wire up your custom view: ```python from custom_auth_view import CustomAuthView CUSTOM_AUTH_VIEW = CustomAuthView ``` This will ensure that when a user logs out, they are logged out from both Superset and Azure AD in one step. You may need to adjust the import paths and make sure your custom view is registered correctly. Caveats: This approach logs the user out of Azure AD in their browser, which may affect other Azure-signed-in apps in the same session. If your deployment URL changes, update the `post_logout_redirect_uri` accordingly. Reference: [Superset configuration docs, Keycloak logout example](https://github.com/apache/superset/blob/829e4d92d91ceae4b43b1ed3b063ffe45377799c/docs/docs/configuration/configuring-superset.mdx) <!-- Dosu Comment Footer --> *To reply, just mention [@dosu](https://go.dosu.dev/dosubot).* --- <sup>How did I do? [Good](https://app.dosu.dev/response-feedback/2c31bbb2-435f-4094-9174-c8068d1c54a9?feedback_type=great_response) | [Irrelevant](https://app.dosu.dev/response-feedback/2c31bbb2-435f-4094-9174-c8068d1c54a9?feedback_type=irrelevant_answer) | [Incorrect](https://app.dosu.dev/response-feedback/2c31bbb2-435f-4094-9174-c8068d1c54a9?feedback_type=incorrect_sources) | [Verbose](https://app.dosu.dev/response-feedback/2c31bbb2-435f-4094-9174-c8068d1c54a9?feedback_type=too_verbose) | [Hallucination](https://app.dosu.dev/response-feedback/2c31bbb2-435f-4094-9174-c8068d1c54a9?feedback_type=hallucination) | [Report 🐛](https://app.dosu.dev/response-feedback/2c31bbb2-435f-4094-9174-c8068d1c54a9?feedback_type=bug_report) | [Other](https://app.dosu.dev/response-feedback/2c31bbb2-435f-4094-9174-c8068d1c54a9?feedback_type=other)</sup> [](https://app.dosu.dev/a28d3c7e-a9d3-459e-9fb6-3a6f9ff4f357/ask?utm_source=github)& nbsp;[](https://go.dosu.dev/discord-bot) [](https://twitter.com/intent/tweet?text=%40dosu_ai%20helped%20me%20solve%20this%20issue!&url=https%3A//github.com/apache/superset/discussions/34608) GitHub link: https://github.com/apache/superset/discussions/34608#discussioncomment-14091118 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
