Auth0 Home Blog Docs

How do I correctly implement and detect SSO sessions with the new API Authorization features?

sso
session
auth0js

#1

With the old flows, I was just using Auth0.js’ getSSOData method to detect if an SSO session existed, and if so, I would redirect to Auth0 to automatically log the user in.

I’ve heard that using getSSOData is discouraged now, but I can’t figure out what the “correct” way to detect this. Please note that I’m talking about the Auth0 session as mentioned in this document.


#2

If your client is meant to detect an SSO session, the correct way would be to use silent authentication to detect this. Auth0.js (currently at v8) provides a method renewAuth as documented here to make this flow easier.

The way this flow would work is:

We have a very simple sample here that illustrates how this can be implemented.


#3