SLO (Single Logout URL) is a way to logout not only from the SP (== the application that authenticates users via SAML), but also from the IdP (the service it's authenticated against). See also
Even though there's no full support for it in passport-saml, it seems as if it's basically doable:
I'd offer myself as tester for that :)