It is well documented about how to initially configure Active Directory Federation Services (ADFS) and configure claims to reach your applications. But what is not documented well is how to have your application logout through ADFS or any custom provider. In this example we’ve configured an application to allow single sign on (SSO) for active directory users through ADFS. Non-active directory users (external to the organization) are configured to use a 3rd party STS. In this case we’re using Thinktecture Identity Server to act as our 3rd party provider. The first step is to add a SAML Logout Endpoint to the application’s relying party trust configuration in ADFS. In the Endpoints tab, click Add, select endpoint type of SAML Logout, Binding = POST, then enter your logout URL https://<youradfsserver>/adfs/ls/?wa=wsignout1.0 In your application you simply need to add the logout URL for the end user to select. <a id=”A3″ href=”https://<youradfsserver>/adfs/ls/?wa=wsignout1.0″>Logout</a> When Active Directory users are logged out they are automatically directed to this standard ADFS Sign-Out page. When external users are logged out they are automatically directed to their provider’s Sign-Out page.