How can I avoid Session sharing between 2 SPA (Single Page Application) in the same tenant?

sumeet · September 23, 2023, 9:12am

Hi,

We have a dev tenant hosting multiple SPAs (Single Page Application).
Auth0 has assigned a unique ClientID for each SPA and each SPA is using @auth0/auth0-react - npm to reduce the boilerplate code.

In its current state, if a user is authenticated in SPA-1 then the user automatically gets authenticated on SPA-2 and both SPA-1 and SPA-2 for the given user share the session.

Is there a way to prevent this behavior? i.e. If a user logs in to SPA-1, opens a new tab, and goes to SPA-2, can we force the user to re-login and prevent this session sharing?

dan.woda · September 26, 2023, 8:19pm

Hi @sumeet,

Welcome to the Auth0 Community!

You should be able to use the Auth0 Management API v2 Patch by client ID endpoint to set

{"sso_disabled":false}

Hope this helps!

sumeet · September 26, 2023, 10:17pm

Thanks @dan.woda for your response, let me try that!

dan.woda · September 27, 2023, 12:27pm

Sounds good. Let us know if it works for you!

system · October 11, 2023, 12:28pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.