SAML Logout Request Fails with "No active session(s) found matching LogoutRequest" Error

Overview

A SAML logout request fails with the "No active session(s) found matching LogoutRequest" error.

Symptoms

  • With Auth0 set as the SAML IdP, logout does not work.

Steps to reproduce

Set Auth0 as the SAML IdP, and send a logout request that identifies the session with something other than the following:

  • SessionID/Issuer or NameID

Applies To

  • SAML
  • Logout Request

Cause

Auth0 only supports SessionID/Issuer and NameID. We don't support EncryptedID or BaseID.

Troubleshooting

Check the content of the logout request sent by the SP. This example uses NameID, so it should work:

<NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">
        auth0|62042c5e469c9d0070b963db
</NameID>

Solution

"The SessionIndex and NameID values in the SAML Logout request need to match the ones received by the service provider in the original SAML assertion."
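
One way to run the check described under Troubleshooting and Solution, as an added example rather than Auth0's own code: it compares a captured LogoutRequest with the assertion the SP received at login and reports EncryptedID/BaseID use and any NameID or SessionIndex mismatch. The sample XML is constructed, and the SessionIndex values and function names are assumptions.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "samlp": "urn:oasis:names:tc:SAML:2.0:protocol"}

# Constructed samples: NameID is the value shown in the article; SessionIndex values are made up.
ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject><saml:NameID>auth0|62042c5e469c9d0070b963db</saml:NameID></saml:Subject>
  <saml:AuthnStatement SessionIndex="_example-session-1"/>
</saml:Assertion>"""
LOGOUT = """<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:NameID>auth0|62042c5e469c9d0070b963db</saml:NameID>
  <samlp:SessionIndex>_example-session-2</samlp:SessionIndex>
</samlp:LogoutRequest>"""

def _text(parent, path):
    """Stripped text of the first match, or None if the element is absent."""
    node = parent.find(path, NS)
    return node.text.strip() if node is not None and node.text else None

def check_logout_request(assertion_xml, logout_xml):
    """Return a list of mismatches between a LogoutRequest and the login assertion.

    Diagnostic only: run it on messages captured from your own SP; no signature check.
    """
    if "<!DOCTYPE" in assertion_xml + logout_xml:
        raise ValueError("DOCTYPE is not expected in SAML messages")
    assertion, logout = ET.fromstring(assertion_xml), ET.fromstring(logout_xml)
    problems = []
    for tag in ("EncryptedID", "BaseID"):  # identifier types the article lists as unsupported
        if logout.find(f"saml:{tag}", NS) is not None:
            problems.append(f"uses unsupported identifier {tag}")
    sent_name = _text(logout, "saml:NameID")
    orig_name = _text(assertion, ".//saml:Subject/saml:NameID")
    if sent_name is None:
        problems.append("LogoutRequest has no NameID")
    elif sent_name != orig_name:
        problems.append(f"NameID {sent_name!r} != assertion {orig_name!r}")
    stmt = assertion.find(".//saml:AuthnStatement", NS)
    orig_idx = stmt.get("SessionIndex") if stmt is not None else None
    sent_idx = _text(logout, "samlp:SessionIndex")
    if sent_idx is not None and sent_idx != orig_idx:
        problems.append(f"SessionIndex {sent_idx!r} != assertion {orig_idx!r}")
    return problems

if __name__ == "__main__":
    print(check_logout_request(ASSERTION, LOGOUT))
```

An empty list means the identifiers in the logout request match the original assertion; SessionIndex is compared only when the request carries one.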
