Potential issue for users on shared devices -
I’ve noticed that Discourse will not log out an authenticated user if a different user is attempting SSO in the same browser session, until that user physically clicks “logout” inside of Discourse’s dropdown menu (i.e. If Joe logs out of my web app, and Sally then logs into my web app…Sally will still enter Joe’s authenticated Discourse instance after SSO until Sally manually logs out from Discourse’s dropdown menu, at which point she is then authenticated back into Discourse under the correct account). Is this a Discourse issue? We can always use the API to logout a user, but that wouldn’t help in the event of a session timeout within my web app unless the Discourse session times out at the same time. Any ideas?