why ory provide different sid for different id token , even if the apps are logined in same browser, is it expects so? then how can we notify other rps throgh back channel logout while loging out from one rp, currently back channel logout request is coming only to logout initiating rp.

Hey @loud-librarian-69749 Ory’s handling of session identifiers (

sid

) and the behavior of back-channel logout can be understood within the context of OpenID Connect (OIDC) specifications and Ory’s implementation of these standards. The behavior of issuing different session identifiers (

sid

) for different ID tokens, even when the applications (Relying Parties, RPs) are logged in within the same browser, aligns with the principles of session management in OIDC. Each RP establishes its own session with the user, and the

sid

claim in an ID token is meant to represent the session between that particular RP and the user. This design allows for granular control over sessions and logout processes, ensuring that actions in one application do not inadvertently affect another.

so backchannel_logut request will get only to initaingn rp?