Authenticate only once to multiple clients


I am currently using Auth0 in order to authenticate users to a SPA and to allow them to make calls to an API.
In order to improve the solution, I want users to be able to write/read secrets stored in a Vault (HashiCorp Vault) directly from the SPA.
This means that I’ll have 2 applications with different client_id configured in Auth0: the SPA and a regular web app for Vault.
To simplify the user’s experience, I want them to authenticate only once on the SPA and to automatically have access to their personal secret store in Vault.
I feel that this is possible as both applications are in the same domain; however, I can’t figure out how…

Hi @LeoSlr

This sounds to me like it should just work. As long as both applications use the same Auth0 tenant for authentication, the session should exist for the second login and they should not have to enter their credentials again.


1 Like
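One way to check the session reuse described in the reply, as an added example that is not part of the original thread: build the authorization request for the second application with the standard OIDC `prompt=none` parameter, then classify the redirect that comes back. The tenant domain, client ID and callback URL are placeholders, and the function names are hypothetical.

```javascript
// Added example, not code from the thread. Domain, client_id and redirect URI are placeholders.
const crypto = require('node:crypto');

const TENANT = 'https://tenant.example.com'; // placeholder for the shared Auth0 tenant domain

// Build the /authorize request for the second application (the Vault client).
// prompt=none tells the tenant to reuse its existing session or fail, never to show a login page.
function buildSilentAuthRequest(clientId, redirectUri) {
  const state = crypto.randomBytes(16).toString('base64url');    // binds the callback to this request
  const nonce = crypto.randomBytes(16).toString('base64url');    // binds the ID token to this request
  const verifier = crypto.randomBytes(32).toString('base64url'); // PKCE code_verifier
  const challenge = crypto.createHash('sha256').update(verifier).digest('base64url');
  const url = new URL('/authorize', TENANT);
  url.search = new URLSearchParams({
    response_type: 'code', client_id: clientId, redirect_uri: redirectUri,
    scope: 'openid profile', state, nonce,
    code_challenge: challenge, code_challenge_method: 'S256', prompt: 'none',
  }).toString();
  return { url: url.toString(), state, nonce, verifier };
}

// Classify the redirect that the tenant sends back to the second application.
function handleCallback(callbackUrl, expectedState) {
  const params = new URL(callbackUrl).searchParams;
  const returned = Buffer.from(params.get('state') || '');
  const expected = Buffer.from(expectedState);
  // Reject any callback that does not carry the state issued for this request.
  if (returned.length !== expected.length || !crypto.timingSafeEqual(returned, expected)) {
    return { status: 'rejected', reason: 'state mismatch' };
  }
  const error = params.get('error');
  // These OIDC errors mean the tenant had no session it could reuse silently.
  if (['login_required', 'consent_required', 'interaction_required'].includes(error)) {
    return { status: 'interactive_login_needed', reason: error };
  }
  if (error) return { status: 'rejected', reason: error };
  const code = params.get('code');
  return code ? { status: 'sso_ok', code } : { status: 'rejected', reason: 'no code' };
}
```

An `sso_ok` result means the tenant session from the first login was accepted for the second client; `interactive_login_needed` means the user would see a login or consent page.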