  1. RH-SSO
  2. RHSSO-2321

Keycloak, UX regression: errors when logout / no redirection


    • Bug
    • Resolution: Unresolved
    • Critical
    • Protocol - OIDC

      Issue
      ==
      Current Version: RH_SSO 7.6.0 GA
      logoutRedirect: Error

      Invalid parameters: redirect_url

      The specifications require the id_token_hint to avoid the confirmation screen. Here, the customer gets a confirmation screen.

      1. The customer is trying to integrate two Red Hat products (OpenShift and SSO), and the integration (partially) fails when we attempt to rely on a standard OpenID Connect Logout specification.

      2. The customer has an OAuth resource configured properly, and we change the logout URL of the OpenShift console to enable a redirection after logout.

      OCP
      ==
      https://issues.redhat.com/browse/OCPBUGS-3550 << Please visit the given link; it will be helpful for the investigation.

      Customer Request
      ~~~
      The customer is looking for a configuration that would allow the OIDC token hint to be appended to the logout URL of the OpenShift console, so that upon logout the user does not get a confirmation dialog (https://www.keycloak.org/2022/04/keycloak-1800-released).

      For example, it could be a new parameter in the console resource `appendIdTokenHint` like:
      ```
      apiVersion: config.openshift.io/v1
      kind: Console
      metadata:
        annotations:
          [...]
        labels:
          lih.lu/argocd-cluster: authentication
        name: cluster
        resourceVersion: '334124762'
        uid: cee52aeb-9219-423c-b999-3d5c05698b31
      spec:
        authentication:
          # <---------- logout URL changed to redirect after logout
          logoutRedirect: >-
            https://sso-uat.lih.lu/auth/realms/devops-uat/protocol/openid-connect/logout?post_logout_redirect_uri=https%3A%2F%2Fconsole-openshift-console.apps.ocp4-uat.ibbl.lu
          # <========== proposed new parameter
          appendIdTokenHint: true
      status:
        consoleURL: 'https://console-openshift-console.apps.ocp4-uat.ibbl.lu'
      ```

      So when a user clicks the logout button in OpenShift console, his/her browser navigates to:

      https://sso-uat.lih.lu/auth/realms/devops-uat/protocol/openid-connect/logout?post_logout_redirect_uri=https%3A%2F%2Fconsole-openshift-console.apps.ocp4-uat.ibbl.lu&id_token_hint=xxxxxxxxxxxxxxxxxxx
      Where xxxxxxxxxxxxxxxxxxx is the token hint of his/her session.
      ~~~
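
The URL construction the customer request describes, as an added example that is not part of the original issue or of the OpenShift console or Keycloak code. `buildLogoutUrl`, its parameters and the example.com hosts are assumptions made for illustration; because the ID token travels in the query string, the helper only appends it when the logout URL is on the identity provider's own HTTPS origin.

```javascript
// Hypothetical helper (assumption, not console code): append id_token_hint
// to a configured OIDC logout URL such as the logoutRedirect value above.
function buildLogoutUrl(logoutRedirect, idToken, issuerOrigin) {
  const url = new URL(logoutRedirect); // throws on a malformed URL

  // The ID token ends up in the query string, so it must only go to the
  // identity provider itself, and only over TLS.
  if (url.protocol !== 'https:') {
    throw new Error('logout URL must use https');
  }
  if (url.origin !== issuerOrigin) {
    throw new Error('refusing to send id_token_hint to ' + url.origin);
  }

  // Shape check only: three base64url segments of a compact JWT.
  // This does not validate the signature or the claims.
  if (!/^[\w-]+\.[\w-]+\.[\w-]+$/.test(idToken)) {
    throw new Error('id token is not a compact JWT');
  }

  // set() replaces a stale hint instead of adding a second one, and
  // searchParams keeps post_logout_redirect_uri percent-encoded.
  url.searchParams.set('id_token_hint', idToken);
  return url.toString();
}

// Constructed sample values (not taken from the issue).
const SAMPLE_ISSUER = 'https://sso.example.com';
const SAMPLE_LOGOUT =
  'https://sso.example.com/auth/realms/demo/protocol/openid-connect/logout' +
  '?post_logout_redirect_uri=https%3A%2F%2Fconsole.example.com';
const SAMPLE_TOKEN = 'aaa.bbb.ccc'; // placeholder with JWT shape only

console.log(buildLogoutUrl(SAMPLE_LOGOUT, SAMPLE_TOKEN, SAMPLE_ISSUER));
```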

              Unassigned Unassigned
              rhn-support-vyoganan Vivek Yoganand A