I know that Auth0 provides SSO, but I am not sure whether it is browser Independent or not?
My concern is that when I am logging in an application in chrome and it redirects me to Dashboard after authentication , then will I be able to open my authenticated page(Dashboard) in Edge or other browsers or not?
Any help will be much appreciated…
Hi @sayemkhan435,
Welcome to the Auth0 Community!
I understand that you have some questions about SSO.
First, Single Sign-On works by having a central server, which all applications trust.
When a user logs in for the first time, the central server generates a cookie and saves it in the browser’s cookie storage.
The next time the user tries to access a second application, they are redirected to the central server to check if a cookie exists in storage. If so, they will get redirected directly to the app with a token, without login prompts, indicating a session.
Therefore, authenticating with SSO is dependent on browser cookies. https://auth0.com/docs/users/cookies
Here is an illustration of SSO:
Please let me know if you have any questions. I’d be happy to clarify.
Thank you.
Thanks @rueben.tiow , It means that Auth0 depends on browser cookies , also we cant access the authenticated page in other browsers(like Edge as there are no cookies in Edge browser). So this means we can only use a single browser.
Right?
Hi @sayemkhan435,
Thank you for your response.
Yes, that is correct. Auth0 SSO is dependent on browser cookies.
AFAIK, by default, Microsoft Edge does support cookies. But, circling back to your original question:
It will not be possible to achieve SSO across different browsers. You could verify this behavior as well by testing this on your local machine.
Once you log in to your Dashboard using Google Chrome, that cookie will reside within Google Chrome itself. Accessing Microsoft Edge or any other browser will not be aware of the authentication session (stored as a cookie) since that information is browser-dependent. That is, only Google Chrome has information stored about the authenticated user’s session.
For Microsoft Edge or any other browser to be aware, the user must re-enter their credentials to log in. Doing so creates a cookie within Microsoft Edge.
The canonical way SSO works is within a single web browser. For example, if you are already authenticated on Gmail using Google Chrome, then there is no need to log into Youtube or any other Google services.
Hoped this helps! Please let me know if there are any questions.
Thank you.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.
