Backchannel logout

[zam...@gmail.com]

Hello

I have a question regarding Keycloak backchannel logout

https://www.keycloak.org/docs/latest/server_admin/#backchannel-logout

"

This is a non-browser-based logout that uses direct backchannel communication between Keycloak and clients. Keycloak sends a HTTP POST request containing a logout token to all clients logged into Keycloak. These requests are sent to a registered backchannel logout URLs at Keycloak and are supposed to trigger a logout at client side.

"

1. How would an application request from Keycloak that is wants to initiate backchannel logout? Would I just need to send the *same* request that Is being sent to
/realms/{realm-name}/protocol/openid-connect/logout

but instead send it to:

/realms/{realm-name}/protocol/openid-connect/logout/backchannel-logout

2. My understanding is that Keyecloak, once it gets the request for backchannel logout, would *automatically* POST back to each application client's Backchannel logout URL (if one is defined)

3. Each application then needs to have an endpoint that is able to receive logout token, verifiy it and act accordingly to sign out the user (terminate session, etc, etc), Is there a way to initiate BC logout from Keycloak directly for specific sessions?

Thanks

Z..