** This issues a new ID token, with new attributes if they have changed.
** This may also renew the ID token expiration time.
* The web application (RRP) can '''optionally''' provide a <code>logout</code> URL, which the OpenID Connect Provider (OP) can call to indicate if a user has logged out (so that the web application immediately know when to log the user out as well).
=== Other important security considerations ===