...
- ID – An identifier for the request. This must be unique. Basically a random number.
- Version – Indicate SAML version
- IssueInstant – Time instant of issue of the request. The time value is encoded in UTC
- Apart from that, One of following is a required attribute for LogoutRequest request…
- BaseID or NameID or EncryptedID
This indicate the principle (user identifier). Basically name that is known to both IDP and SP.
Also there are few optional elements - NotOnOrAfter – The time at which the request expires in UTC
- Reason – reason for the logout, in the form of a URI reference.
- There are two standard reasons
- urn:oasis:names:tc:SAML:2.0:logout:user – user terminates session and initiates logout
- urn:oasis:names:tc:SAML:2.0:logout:admin – admin terminates session and initiates logout
- There are two standard reasons
- SessionIndex – This is the session identifier that is used to identify the user session with both IDP and SP for given user.
Sources:
http://xacmlinfo.org/2013/06/28/how-saml2-single-logout-works/