I use mod_auth_openidc to implement login on my website. I use multiple providers, so to initiate a login into one I redirect to:
/protected/redirect_uri/?target_link_uri=<urlencoded protected location>&iss=<urlencoded issuer>
which works as expected.
Now I want to initiate a logout in a similar manner, by refering the logout button to:
/protected/redirect_uri?logout=<urlencoded logoutpage>&iss=<urlencoded issuer>
but I simply get a 404. Of course /protected/redirect_uri does not actually exist but for some reson openidc does not handle the logout request.
The logout page is not protected and the provider has an end_session_endpoint in it's metadata.
the slash at the end of the redirect URI matters, if it is not there the request will not be considered as matching