Django - auth.logout doesn't honor passed values for name_id_format

[mannyreds11]

I'm getting this error message when attempting to use SLO in Django:
<samlp:StatusMessage>User authenticated at IdP different from User specified in the Request message</samlp:StatusMessage></samlp:Status></samlp:LogoutResponse>
requirements.txt

...
django==5.2.6
python3-saml==1.16.0

settings.json

{
    "strict": true,
    "debug": true,
    "sp": {
        "entityId": "http://127.0.0.1:8000",
        "assertionConsumerService": {
            "url": "http://127.0.0.1:8000/saml2_auth/acs/",
            "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        },
        "singleLogoutService": {
            "url": "http://127.0.0.1:8000/saml2_auth/slo/",
            "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        },
        "NameIDFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
    },
    "idp": {
        "entityId": "https://XXX.com.com:443/fed",
        "singleSignOnService": {
            "url": "https://XXX.com:443/fed/v1/idp/sso",
            "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        },
        "singleLogoutService": {
            "url": "https://XXX.com:443/fed/v1/idp/slo",
            "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        },
        "x509cert": "XXX"
    }
}

I am able to login via:

auth.login()

but logout fails with:

slo_url = auth.logout(
    name_id=saml_nameid,
    name_id_format=saml_nameid_format,
    session_index=saml_session_index
)
print("LogoutRequest XML:\n%s", auth.get_last_request_xml())

output:

<samlp:LogoutRequest
   xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
   xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
   ID="ONELOGIN_3de231f5330cb9860a18400dcb8aefab837a6d71"
   Version="2.0"
   IssueInstant="2025-09-24T04:03:40Z"
   Destination="https://XXX:443/fed/v1/idp/slo">
     <saml:Issuer>http://127.0.0.1:8000</saml:Issuer>
     <saml:NameID>myuser@email.com</saml:NameID>
     <samlp:SessionIndex>id-XXX</samlp:SessionIndex>
 </samlp:LogoutRequest>

if I call it without the name_id_format it removes the tags and seems to insert a default Format that doesn't match either:

 <samlp:LogoutRequest
   xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
   xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
   ID="ONELOGIN_ec33f1df0d7689dbc41d2461f14f6da9d6542000"
   Version="2.0"
   IssueInstant="2025-09-24T04:27:48Z"
   Destination="https://XXX:443/fed/v1/idp/slo">
     <saml:Issuer>http://127.0.0.1:8000</saml:Issuer>
     <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://XXX:443/fed</saml:NameID>

 </samlp:LogoutRequest>

[pitbulk]

That is how the toolkit is implemented in case no NameID value is provided

if name_id is not None:
    if not name_id_format and sp_data["NameIDFormat"] != OneLogin_Saml2_Constants.NAMEID_UNSPECIFIED:
        name_id_format = sp_data["NameIDFormat"]
    else:
        name_id = idp_data["entityId"]
        name_id_format = OneLogin_Saml2_Constants.NAMEID_ENTITY

Make sure you store in your session the saml_nameid from the SAMLResponse and inject it into the auth.logout call.

Have you checked the Django Demo code?