Hi,

We have configured our keystone and Horizon to work with multiple OIDC Providers and through API I can successfully authenticate with the two providers. When I authenticate through the Horizon dashboard, I can successfully authenticate with both providers if I use two separate browser sessions, If I use the same browser session, I log in with one provider, log out, and then log in with the other, given that the user token is stored, I get an authentication error. The reason for the error is that the token was issued by the first provider and thus it is not accepted as a valid by the second. Is it possible to configure Horizon to revoke/delete a user token at logout or provide session isolation without changes on the provider side?

Thank you and best regards, Michele Delli Veneri