Auth0 user session persistence under classic experience

gloria · July 26, 2021, 4:33pm

Background: Vue3 Single Page Application
Issue: Auth0 classic experience (Classic Universal Login Experience), after user logged in, then refresh the page, the user is required to log in again (the session is not persisted)
Question: In auth0, how to persist the login session when using Classic Experience?
Definition and more info: New Universal Login Experience
Under title “How it is different from Classic Universal Login”, it says:

Single Sign-on (SSO) and Silent Authentication will work properly, which does not happen in the Classic Experience.

marcus.baker · July 27, 2021, 1:00am

Hi!

That bullet point in the docs you pasted is for using social connections with auth0 Development Keys, which is not recommended or supported in a production environment.

The Auth0 session in the browser is handled by the auth0 cookie for both Classic Lock and New Universal Login.

Newer browser restrictions can make it harder for a SPA to perform silent authentication.

One way around this is to use a Custom Domain.
You can also utilize Refresh Tokens as another avenue for SPAs.

Auth0 Authentication API Cookies:

Auth0 Custom Domains:

Securing SPA apps with Refresh Token Rotation:

Hope this helps!

konrad.sopala · July 27, 2021, 9:33am

Thanks for helping on this one Marcus!

Topic		Replies	Views
How to use refresh tokens on a SPA (Vue)? Help login-experience , new-universal-login-experience	8	2102	August 21, 2023
Persisting login on refresh with refresh token rotation Help auth0 , login	3	5846	February 11, 2021
Using a persistent login Help	4	4368	June 15, 2020
Renewal of tokens in a SPA Help spa , refresh-tokens , tokens	3	7127	March 2, 2018
Auth0 not maintaining session in normal browser window Help token , lock , jwt , session	7	10118	August 26, 2019

Auth0 user session persistence under classic experience

Related Topics