Last tested: May 7, 2020
An application will log embed users into Looker, but when they log out of the application, they will not be logged out of Looker.
Looker does not use a /logout endpoint for web sessions. Instead, you will need to make calls to Looker's user_sessions endpoints when the embed user is logging out of the your application
- Get the user's session_id from the GET all_web_login_sessions endpoint
- Delete the session_id using the delete_user_sessions endpoint
Voila, the user's Looker session is deleted when they log out of the application.
Since this solution can be difficult to implement and may not perfectly fit your requirements, there is a Feature request to have a way of terminating the Looker session through the parent app directly: Allow terminating SSO embedded session for an externa_user_id.