> ## Documentation Index
> Fetch the complete documentation index at: https://auth0.com/llms.txt
> Use this file to discover all available pages before exploring further.

> Describes how to force a user to log out of applications using the Auth0 logout endpoint.

# Log Users Out of Applications

Enterprise users typically have <Tooltip tip="Single Sign-On (SSO): Service that, after a user logs into one applicaton, automatically logs that user in to other applications." cta="View Glossary" href="/docs/glossary?term=Single+Sign-on">Single Sign-on</Tooltip> (SSO) enabled for multiple applications (e.g., SharePoint, a few .NET applications, a few Java applications, Zendesk). In this case, when users sign out, often they must be signed out for all of their applications.

The Auth0 [RP-initiated logout endpoint](/docs/authenticate/login/logout/log-users-out-of-auth0) works in one of two ways:

* Invalidates the Single Sign-on (SSO) cookie in Auth0. (The cookie still remains in the browser.)
* Signs the user out from the <Tooltip tip="Identity Provider (IdP): Service that stores and manages digital identities." cta="View Glossary" href="/docs/glossary?term=identity+provider">identity provider</Tooltip> (IdP) (such as ADFS or Google).

Redirecting users to the logout endpoint does not cover the scenario where users need to be signed out of all of the applications they used. If you need to provide this functionality you will have to handle this in one of two ways:

* Have short timeouts on your local session and redirect to Auth0 at short intervals to re-authenticate. This can be done by calling `checkSession` from the client which does this redirect in a hidden iFrame. If you take the hidden iFrame approach you need to be aware of [rate limits](/docs/troubleshoot/customer-support/operational-policies/rate-limit-policy) and third-party [cookie](/docs/manage-users/cookies) issues.
* Handle this entirely at the application level by providing your applications a way to notify all other applications when a logout occurs.

If you are using the alternative logout endpoint, review the [API documentation](https://auth0.com/docs/api/authentication#logout).

## Learn more

* [Log Users Out of Auth0 with OIDC Endpoint](/docs/authenticate/login/logout/log-users-out-of-auth0)
* [Log Users Out of Identity Providers](/docs/authenticate/login/logout/log-users-out-of-idps)
* [Log Users Out of SAML Identity Providers](/docs/authenticate/login/logout/log-users-out-of-saml-idps)
* [Redirect Users with Alternative Logout](/docs/authenticate/login/logout/redirect-users-after-logout)