How can I avoid Session sharing between 2 SPA (Single Page Application) in the same tenant?

sumeet · September 23, 2023, 9:12am

Hi,

We have a dev tenant hosting multiple SPAs (Single Page Application).
Auth0 has assigned a unique ClientID for each SPA and each SPA is using @auth0/auth0-react - npm to reduce the boilerplate code.

In its current state, if a user is authenticated in SPA-1 then the user automatically gets authenticated on SPA-2 and both SPA-1 and SPA-2 for the given user share the session.

Is there a way to prevent this behavior? i.e. If a user logs in to SPA-1, opens a new tab, and goes to SPA-2, can we force the user to re-login and prevent this session sharing?

dan.woda · September 26, 2023, 8:19pm

Hi @sumeet,

Welcome to the Auth0 Community!

You should be able to use the Auth0 Management API v2 Patch by client ID endpoint to set

{"sso_disabled":false}

Hope this helps!

sumeet · September 26, 2023, 10:17pm

Thanks @dan.woda for your response, let me try that!

dan.woda · September 27, 2023, 12:27pm

Sounds good. Let us know if it works for you!

system · October 11, 2023, 12:28pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Disable an Auth0 application to use user sessions of other Auth0 applications under the same tenant Help sso , application	6	962	December 18, 2023
Sharing session between 2 web apps on different subdomains Help	11	13856	August 25, 2023
Is there any way to switch between applications in auth0? Help login-experience , new-universal-login-experience	2	435	November 28, 2023
Restrict multiple logins for a user in SPA application Help sessions , refresh-token-revocation	4	1151	December 19, 2023
Issue with Session Sharing Across Different Auth0 Applications and Domains Help sessions , authentication-sessions	2	14	September 5, 2024

How can I avoid Session sharing between 2 SPA (Single Page Application) in the same tenant?

Related Topics