Auto login users to their mobile browser - New Universal Login - Angular SDK

Hi,

We are developing a new SPA web application in Angular with Auth0 New Universal Login.

We have a requirement where we need allow the logged in users to to continue their sessions on their mobile browsers without entering the credentials again.

One approach could be to generate an encrypted URL (along with the auth token) from their ongoing session in the desktop browser. Users will then enter the URL in their mobile browser to autologin and continue their session there.

I was wondering if it is possible to share the user session accross different devices? Note that New Universal Login is implemented using SDK longwithredirect method, so we don’t have much control there. If its not possible, what are my options to achive that?

Thanks.

Hey there @demoauth0 welcome to the community!

Just to clarify - Users are logging in to a SPA on a different device (desktop) and then moving to a mobile browser, correct? Are they accessing the same SPA app or will there be a mobile app involved?

1 Like

Hi,

Thanks for the response.

Yes, users would logon to the desktop web app and then move to the mobile browser. It will load the same web app. There is no Mobile app as of now.

Appreciate your help.

2 Likes

No problem, happy to help!

You should be able to achieve this by configuring silent authentication which will check for a session at the authorization server (Auth0) and return tokens accordingly. The Angular SDK has a getAccessTokenSilently method specifically for this use case.

1 Like

Hi Tyf,

Thanks. On the target mobile browser we tried calling getAccessTokenSilently instead of loginWithRedirect method but it landed us on the login page. Is there any additional configuration required at the tenant level?

Hey @demoauth0 thanks for confirming - I should’ve been more clear in my previous response in that this is only possible if the mobile browser/application is already aware of the user and/or the browser implements some sort of synchronization. Without one of these then the behavior you’ve described is expected. That is, without any knowledge of the user they will be prompted to login.

Hi Tyf
Thanks for clarifying. Just wondering, if its possible to inject the token in the SDK so that it is aware of the user (in the mobile browser)?

Can you please elaborate what do you mean by synchronization the two browsers? Did you meant transferring the auth0 cookies?
Thanks.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.