Can I share auth cookies between two browser sessions?

guy1812 · February 5, 2020, 7:32pm

I wonder if something is possible:

On my mobile app (react-native), I use WebAuth to open the universal login (happens on safari as in-browser), and by a passwordless method I login.
I have a Wordpress app with the wp-auh0 plugin.

From my mobile app I am opening an In-Browser (again - iPhone so safari by default) to render the Wordpress and when clicking login I am directed to the universal login page and asked to run the passwordless flow again.
I know that using a cookie the universal login doesn’t need to go through the flow again once completed.

Is there a way that after I am running auth with my app, that when I will open auth on another In-Browser it will use the cookie and automatically log me in and redirect me back?

rashid779939 · February 6, 2020, 5:24am

I believe its not possible because cookies are store on both server and client browser and update every time browser make any request to server. Server also store browser information with cookies. So it won’t be possible for two browser having same cookies.

guy1812 · February 6, 2020, 6:39am

@rashid779939 thanks for your response.
It is the same browser (Safari on my IOS), so cookie should work right?

guy1812 · February 6, 2020, 6:52am

Im not sure how to write it in proper English but Im talking about -
Two web apps, using the same universal login over safari, same Auth0 client.
Eventually the login is performed on my auth0 tenant domain. so I expect Safari to auto login with the ccokie, but it is not (as shown in the video)

rashid779939 · February 6, 2020, 7:14am

As i told ealier cookies store on server side store informations about browser. If you have two different app then it is obvious that they will have two differebt URL. Cookies are linked with URL too so it won’t be possible in this case too.

guy1812 · February 6, 2020, 7:36am

But on the moment of login, the url is the Auth0 Url (using the universal login).
So same url…

It can be seen here in the video. On both cases the login is on the same url (using redirects)

guy1812 · February 9, 2020, 10:03am

Has anyone tried this scenario and can say if it should work?

rashid779939 · February 11, 2020, 6:52am

Have you triesd this on chrome or any other browser just to verify. If not then please do this.

konrad.sopala · February 11, 2020, 11:41am

Yep and let us know how it behaves!

guy1812 · February 11, 2020, 2:54pm

Update: I gave wrong info before and now correcting myself:
It work with chrome. You can see it with two wp sites connected to the same Auth0 app:
http://3.10.108.127/
http://15.188.181.32/
After you log in to one, the second is auto signing you in.

Still the same result cannot be achieved when one app is a mobile app and the browser is in-app-browser.
I will update on future findings.

konrad.sopala · February 14, 2020, 8:12am

Perfect! Thanks a lot for that!

guys202003 · September 4, 2020, 8:45am

Hi,
Has there been any update regarding this issue?
We are also facing this challenge at present.
Is it possible to share credentials within a mobile app’s browser?
Thanks