Currently when a federated user logout lastpass extension, he isn't really logout. he can login again without entering credential. This is a security issue and it could cause user leak their important credentials. Lastpass should follow Microsoft document to redirect user to signout completely : https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc#send-a-sign-out-request "Send a sign-out request When you want to sign out the user from your app, it isn't sufficient to clear your app's cookies or otherwise end the user's session. You must also redirect the user to the Microsoft identity platform to sign out. If you don't do this, the user reauthenticates to your app without entering their credentials again, because they will have a valid single sign-in session with the Microsoft identity platform."
... View more