I have SAML SSO setup for my organization, but whenever a user clicks the "Sign Out" button in their email inbox, it takes them to the Zoho logout page instead of the logout page specified in the SAML settings.

This is an issue and it poses as a security threat because clicking the "Sign Out" button does not sign the user out of the SAML app like it should, and the email inbox can be accessed without a password by anyone with the device.

In order to prevent this, the user must logout of Zoho Mail, and then logout in the SAML portal.

This is a huge problem because if a user forgets to sign out in both Zoho Mail and the SAML app, anyone has access to their email. The logout URL is specified in the SAML settings correctly but it is not applied.

Any help would be appreciated, as this is a huge security issue.

Thanks