diff --git a/client/src/components/User/ExternalIdentities/ExternalLogin.vue b/client/src/components/User/ExternalIdentities/ExternalLogin.vue
index e99a1a5d1104..d6b0297fc6d3 100644
--- a/client/src/components/User/ExternalIdentities/ExternalLogin.vue
+++ b/client/src/components/User/ExternalIdentities/ExternalLogin.vue
@@ -173,6 +173,7 @@ export default {
             axios
                 .post(`${rootUrl}authnz/${idp}/login/?idphint=${this.selected.EntityID}`)
                 .then((response) => {
+                    localStorage.setItem("galaxy-provider", idp);
                     if (response.data.redirect_uri) {
                         window.location = response.data.redirect_uri;
                     }
diff --git a/client/src/layout/menu.js b/client/src/layout/menu.js
index a406641c8968..c875cdf9c561 100644
--- a/client/src/layout/menu.js
+++ b/client/src/layout/menu.js
@@ -20,6 +20,11 @@ export function userLogout(logoutAll = false) {
             }
             // Check if we need to logout of OIDC IDP
             if (galaxy.config.enable_oidc) {
+                const provider = localStorage.getItem("galaxy-provider");
+                if (provider) {
+                    localStorage.removeItem("galaxy-provider");
+                    return axios.get(`${galaxy.root}authnz/logout?provider=${provider}`);
+                }
                 return axios.get(`${galaxy.root}authnz/logout`);
             } else {
                 // Otherwise pass through the initial logout response
diff --git a/lib/galaxy/webapps/galaxy/controllers/authnz.py b/lib/galaxy/webapps/galaxy/controllers/authnz.py
index 2b07af637f82..5b64509ece94 100644
--- a/lib/galaxy/webapps/galaxy/controllers/authnz.py
+++ b/lib/galaxy/webapps/galaxy/controllers/authnz.py
@@ -142,6 +142,7 @@ def disconnect(self, trans, provider, email=None, **kwargs):
         return trans.response.send_redirect(redirect_url)
 
     @web.json
+    @web.expose
     def logout(self, trans, provider, **kwargs):
         post_logout_redirect_url = trans.request.base + url_for('/') + 'root/login?is_logout_redirect=true'
         success, message, redirect_uri = trans.app.authnz_manager.logout(provider,
@@ -153,8 +154,8 @@ def logout(self, trans, provider, **kwargs):
             return {'message': message}
 
     @web.expose
-    def get_logout_url(self, trans, **kwargs):
-        idp_provider = trans.get_cookie(name=PROVIDER_COOKIE_NAME)
+    def get_logout_url(self, trans, provider=None, **kwargs):
+        idp_provider = provider if provider else trans.get_cookie(name=PROVIDER_COOKIE_NAME)
         if idp_provider:
             return trans.response.send_redirect(url_for(controller='authnz', action='logout', provider=idp_provider))