We are required to use corporate SSO for any authenticated internal websites, and one of the features they require you to implement is a "logout" button.

They provide a whole slew of specifications, including size and placement/visibility, etc. They provide an SSO logout URL you must redirect to after you take care of your own application logout tasks.

Makes sense... except the logout URL they provide to serve the actual SSO logout function broke over 3 months ago, and remains non-functional to this day.

Apparently I'm the first person (and perhaps one of the only people) who reported it, and was told "just not to worry about it".

So, we have a standing feature request to provide a button... that doesn't actually work.

Corporate Security - Making your corporation _appear_ more secure every day...

Gotta love when they give you site credentials to look at their wordpress dashboard but forget to give you the login page.

Am I supposed to spider their site and play a guessing game. Fml.

Wonder if there is a way to scan the login? Athough that would make hiding their login just security theater.

Security theater is not security.

I am still on my mother's cell plan. I pay for it, but she is the primary account holder. We are grandfathered into unlimited no restrictions data, and a new phone yearly, so yeah, not giving that up.

Anyway, when i go to the store to manage the account they say, 'sorry, Sarah needs to come in as the primary account holder.'

'I am sarah' I tell them. I am lying, they know I am lying, and they know I know.

But they have no choice but to go along. I even asked once; they are not allowed to ask for proof of id. I don't know why.

It's just security theater.