We have two applications (app1, app2) where both are implemented as ASP.NET MVC and AngularJS applications.
Currently, we allow administrators to impersonate users into app1 and have recently added app2 into the system where we would like our impersonated user to transition between app1 and app2 without having to sign in again.
However, we are unable to get single sign on working when navigating to app2 as the impersonated user. If we were to sign into app1 (not impersonating), we can navigate to app2 and SSO works without any issues.
The impersonation logic has been implemented by the Authentication API.
https://auth0.com/docs/api/authentication#impersonation
The SSO logic has been implemented by using Auth0.js v7.6.1
auth0.getSSOData(function (err, ssoData) {
if (!err && ssoData && ssoData.sso) {
auth0.login({
connection: ssoData.lastUsedConnection.name
});
} else {
lock.showSignin({
authParams: {
scope: 'openid profile'
},
callbackURL: '@ViewData"auth0CallbackUrl"]',
closable: false,
disableResetAction: false
});
}
});
Is there a specific request parameter that needs to be included when calling the impersonation API to enable SSO?