The oidc_session_management feature gives the RP a way to know, in the manner described in the RFC (i.e. by providing a session_state parameter in the Authorization response and supporting the setup of an OP iframe), when a user has logged off in the OP, so that it can log the user out or send them back to the authentication flow.
The way to enable it is as follows:

    plugin :rodauth do
      enable :oidc_session_management
    end

Client applications should use this endpoint as the src property in the OP iframe they’ll have to set as part of the RP/OP iframes communication flow.
An example RP application is provided here for testing purposes.
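
The following is an added example, not rodauth-oauth code: a Ruby model of how a session_state value can be derived and how the OP iframe answers an RP's check, following the calculation sketched in the OpenID Connect Session Management specification. The function names, the `opbs` (OP browser state) value and all sample values are assumptions constructed for illustration.

```ruby
require "digest"
require "securerandom"

# session_state = hex(SHA256("client_id origin opbs salt")) + "." + salt
# opbs is the OP's browser-state value (hypothetical name); it changes on logout.
def session_state(client_id, origin, opbs, salt = SecureRandom.hex(8))
  digest = Digest::SHA256.hexdigest([client_id, origin, opbs, salt].join(" "))
  "#{digest}.#{salt}"
end

# Models the OP iframe's reply to an RP postMessage of "client_id session_state".
# origin must be the sender origin reported by the browser, never a value taken
# from the message body, so a session_state issued to one RP origin does not
# validate when replayed from another origin.
def check_session(message, origin, opbs)
  client_id, received, extra = message.to_s.split(" ")
  return "error" if client_id.nil? || received.nil? || extra

  digest, salt = received.split(".", 2)
  return "error" if digest.nil? || salt.nil? || salt.empty?

  # Recompute with the salt carried in the received value and the current opbs.
  session_state(client_id, origin, opbs, salt) == received ? "unchanged" : "changed"
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values.
  client_id = "rp-client-123"
  rp_origin = "https://rp.example"
  ss = session_state(client_id, rp_origin, "opbs-logged-in")

  puts check_session("#{client_id} #{ss}", rp_origin, "opbs-logged-in")         # session still valid
  puts check_session("#{client_id} #{ss}", rp_origin, "opbs-after-logout")      # user logged off at the OP
  puts check_session("#{client_id} #{ss}", "https://other.example", "opbs-logged-in") # wrong origin
  puts check_session(client_id, rp_origin, "opbs-logged-in")                    # malformed message
end
```

On a "changed" reply the RP should re-run the authentication flow before trusting its local session, and on "error" it should treat the check as failed rather than retrying indefinitely.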