Denying login to a user already logged in elsewhere?

j.recasens · March 30, 2023, 10:24am

Hi!

I’m new to Auth0, been trying the sample app and customizing things, but we got to a problem with the client requirements:

I got asked to deny the client login if it is already logged in somewhere else.

My understanding is that Auth0 should know about this, about the “not closed” sessions, but I don’t see a way to communicate and get the info. At the same time, I would love not to go the DB route, so I am trying to see how to set up actions and such, but I see that logout itself doesn’t have flow to affect.

Thanks for any feedback or pointers I could get from the community!

matt.g · March 31, 2023, 8:56pm

Hi @j.recasens,

Welcome to the Auth0 Community!

It sounds like what you’re needing is the Sessions API which is scheduled to be released later this year (Q3 I believe). The Sessions API will support features like:

Terminate sessions for applications across multiple channels.
Supports session revocation, access token revocation, and single sign out.

I know this doesn’t immediately solve your problem but I wanted to let you know that there’s a solution on the horizon.

I hope this helps!

Thanks,
Matt

Topic		Replies	Views
Logged in another browser session? Help login-experience , new-universal-login-experience	1	892	January 23, 2024
User is logged in even though he doesn't have access to one of the apps in a tenant Help sessions , authentication-sessions	2	622	September 6, 2023
Login/logout issues Help classic-universal-login-experience , login-experience	1	19	October 24, 2024
Skip authorization if session already exists Help login-experience , login-prompt-new-experience	2	1135	April 7, 2023
Issue with logging out Help classic-universal-login-experience , login-experience	2	548	October 31, 2023

Denying login to a user already logged in elsewhere?

Related Topics