diff --git a/roles/matrix/templates/homeserver.yaml.j2 b/roles/matrix/templates/homeserver.yaml.j2
index e1645266..319c35f9 100644
--- a/roles/matrix/templates/homeserver.yaml.j2
+++ b/roles/matrix/templates/homeserver.yaml.j2
@@ -148,6 +148,7 @@ oidc_providers:
 client_secret: "{{ vault_matrix_openid_client_secret }}"
 scopes: ["openid", "profile", "email", "roles"]
 allow_existing_users: false
+ backchannel_logout_enabled: true
 user_mapping_provider:
 config:
 localpart_template: "{{ '{{ user.preferred_username }}' }}"
diff --git a/tf-stage2/keycloak.tf b/tf-stage2/keycloak.tf
index 69cd6970..c0798ab2 100644
--- a/tf-stage2/keycloak.tf
+++ b/tf-stage2/keycloak.tf
@@ -839,6 +839,9 @@ resource "keycloak_openid_client" "matrix_openid_client" {
 valid_redirect_uris = [
 "https://matrix.archlinux.org/_synapse/client/oidc/callback"
 ]
+
+ backchannel_logout_url = "https://matrix.archlinux.org/_synapse/client/oidc/backchannel_logout"
+ backchannel_logout_session_required = true
 }

 resource "keycloak_openid_user_realm_role_protocol_mapper" "matrix_user_realm_role_mapper" {
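Review bot: The added `backchannel_logout_enabled: true` has no comment tying it to the Keycloak client setting it depends on, so a later change on either side can silently stop logout propagation. I would put `# Pair with backchannel_logout_url on the Keycloak client in tf-stage2/keycloak.tf` above it. Synapse by default also compares the logout token's `sub` with the subject recorded at login. If this provider sets a `subject_claim` other than `sub` (not visible in this hunk), notifications would be rejected unless `backchannel_logout_ignore_sub` is set, which is worth confirming. The provider entry starts and continues outside the hunk.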
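Review bot: Nothing next to the new `backchannel_logout_url` records that it is a server-to-server POST from Keycloak, so the endpoint must stay reachable from the Keycloak host and match the path Synapse serves. If delivery fails, the Matrix session presumably stays valid after the user has logged out of the IdP, so failed deliveries are worth surfacing in Keycloak's logs or monitoring. A comment above the two attributes would help, for example `# Synapse ends the session identified by sid; keep in sync with backchannel_logout_enabled in roles/matrix/templates/homeserver.yaml.j2`. Keeping `backchannel_logout_session_required = true` is the right choice, since the logout token then carries the `sid` needed to target one session.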