Authenticate to multiple applications with a single sign on

Use Case:

With a single login to an application, access all applications in the tenant without logging in again.

Context:

I have a configuration in my tenant where I have several applications:

  1. Sales site [client_id:123]
  2. SAAS Product [client_id:abc]
  3. Helpdesk [client_id:xyz]

These applications all share the same connections and user database.

I would like to have users authenticate a single time and then have access to all applications in my tenant, without having to log in again.

For example:

  1. visit sales.company.com, log in and receive a token and session
  2. visit saas-app.company.com, and use my token from step one to be automatically logged in

Troubleshooting so far:

It seems like I can’t use the aud claim to pass multiple client ids.

It seems like the Auth0 SSO Extension does not solve this use case.