Auth0 Home Blog Docs

Basic SSO not working

sso

#1

I’m trying to setup a simple SSO between two clients, and have set it up according to the instructions with compliant OIDC. I can call authorize() on the Auth0.js component, and get redirected to the login page correctly and can sign in, get the token and all is good.

However if I then call authorize() a second time, either in the same client or in a second client, I have to login again. It does not recognize that I am already logged in.

I understand there is a cookie that should tell the auth0 server I am already logged in and bypass the login screen - can someone help me out, or at least let me know the name of the cookie so I can check it is being set?


#2

Technically the cookie name is an implementation detail and subject to change, however, for troubleshooting reasons you should check what cookies are being set for the domain [your_auth0_domain].auth0.com as that it’s where the authorization endpoint and subsequent login operation are performed. In particular, at this time you may want to at least check a cookie going by the name of auth0 as a quick test proved that deleting it had an impact on the existing user session.


#3

Ah, I see what is happening now…
It actually is logged in, but I am seeing the screen that says “Last time you logged in with” instead of being redirected straight back to the host app. This isn’t what I expected but seems is the default behaviour (https://community.auth0.com/questions/2263/seeing-last-time-you-logged-in-with-during-authori)
I see I can use prompt=“none” but this will fail if there is no active session - I guess I can then re-authorize without prompt=“none” but would be easier if I can disable the “Last time you logged in with” screen. Is this possible?


#4

To answer my own question, I changed this to use slient login and it now works just as I expect
This code is probably totally dodg, but it works for my test so I am happy :slight_smile:
public login(): void {
this.mgr.checkSession({}, (err, authResult) => {
console.log(‘checkSession’);
console.log(err);
console.log(authResult);
if (err)
{
this.mgr.authorize();
}
else
{
// Set the time that the access token will expire at
const expiresAt = JSON.stringify((authResult.expiresIn * 1000) + new Date().getTime());
localStorage.setItem(‘access_token’, authResult.accessToken);
localStorage.setItem(‘id_token’, authResult.idToken);
localStorage.setItem(‘expires_at’, expiresAt);
}
});
}


#5

(Sorry about the formatting - tried many times to fix it but doesn’t seem to want to work)


#6