Issue
Pega Constellation does not display a custom screen after logout.
Symptoms and Impact
Constellation logoff does not load Pega's custom logoff screen from Web-Session-Return.
Steps to Reproduce
1. Design the application to load a custom logoff screen from the Web-Session-Return HTML.
2. Log in to the Constellation application using any authentication service (SAML, OIDC, LDAP, Basic).
3. Log out from the Constellation application. The logoff screen will not be displayed.
Root Cause
Constellation applications use a different logout architecture than Traditional UI: they rely on a platform logout API that returns an HTML response with a redirect URL.
This redirect behavior can conflict with client-side authentication mechanisms, leading to unintended re-authentication.
The issue arises due to the following architectural differences between Traditional UI and Constellation applications in Pega:
- Constellation Logout Flow
  - Constellation uses the Pega platform's logout API to log off users.
  - The logout response returns an HTML page containing a <META http-equiv="refresh"> tag.
  - Constellation's JavaScript parses this tag and redirects the browser to the specified URL.
- Client Authentication Logic
  - Many client applications use custom SSO authentication mechanisms that automatically log users in when the login screen is loaded.
  - As a result, redirecting to the login screen after logout causes immediate re-authentication, taking users back to the portal instead of showing a logoff screen.
- Design Gap
  - Traditional UI supports displaying a custom logoff screen.
  - Constellation, by default, does not support this behavior. This leads to inconsistent logout experiences across Traditional and Constellation applications.
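The redirect step described above can be reproduced offline to see where a logout response would send the browser. The following is an added example, not Pega's code: the function names, the sample HTML, the host app.example.test and the /login path are all constructed assumptions, and the scheme and origin checks are additions that go beyond what the flow above describes.

```javascript
// Added illustration, not Pega's implementation. HTML, URLs and paths are constructed.
function parseMetaRefresh(html) {
  for (const tag of html.match(/<meta\b[^>]*>/gi) || []) {
    // Collect attributes in any order, with double, single or no quotes.
    const attrs = {};
    const re = /([a-z-]+)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
    let m;
    while ((m = re.exec(tag)) !== null) {
      attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4];
    }
    if ((attrs['http-equiv'] || '').toLowerCase() !== 'refresh') continue;
    // content is "<seconds>" or "<seconds>; url=<target>"
    const c = /^\s*(\d+)\s*(?:[;,]\s*(?:url\s*=\s*)?(['"]?)(.*?)\2\s*)?$/i
      .exec(attrs.content || '');
    return c ? { delay: Number(c[1]), url: c[3] || null } : null;
  }
  return null;
}

// Decide what following the logout redirect would do. loginPaths is a
// hypothetical list of paths where the site's SSO logic signs users in.
function classifyLogoutRedirect(html, pageUrl, loginPaths) {
  const refresh = parseMetaRefresh(html);
  if (!refresh || !refresh.url) return { action: 'stay' };
  let target;
  try {
    target = new URL(refresh.url, pageUrl);
  } catch {
    return { action: 'block', reason: 'unparseable target' };
  }
  if (target.protocol !== 'http:' && target.protocol !== 'https:') {
    return { action: 'block', reason: 'non-http scheme' };
  }
  if (target.origin !== new URL(pageUrl).origin) {
    return { action: 'review', reason: 'cross-origin', target: target.href };
  }
  if (loginPaths.some((p) => target.pathname.startsWith(p))) {
    return { action: 'reauth-risk', reason: 'login page', target: target.href };
  }
  return { action: 'follow', target: target.href };
}

// Constructed logout response body.
const SAMPLE = '<html><head><META http-equiv="refresh" content="0;url=/login"></head></html>';
console.log(classifyLogoutRedirect(SAMPLE, 'https://app.example.test/portal', ['/login']));
```

A result of `reauth-risk` corresponds to the case in the list above where the redirect lands on a login screen that signs the user straight back in.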
Solution
An enhancement request to make the Constellation Portal EndSession Redirect functionality configurable has been logged but has not yet been assigned to a specific release.
This Known Issue document will be updated with release details when the enhancement for this issue is available.