We are currently using auth0.js because it sets cookies using the allowed domains (our app is splitted on subdomains and we need the user logged in across them).
I’ve noticed that auth0-spa-js does not sets the cookies that auth0.js uses.
Is there something im missing?
Thank you for being amazing!
Auth0.js is not really concerned about multiple domains, nor it sets any cookies to handle user sessions (it creates a cookie in the login flow, but just for ensuring the authenticity of the flow, and it’s just a temporary cookie).
The reason you get SSO between multiple domains is that either:
- The app itself is using a cookie shared between the subdomains (which is not something Auth0.js is concerned with, this would be code in your app).
- Multiple parts of the app in different subdomains handle the user session independently, but all rely on Auth0 as a centralized identity service.
In both cases, moving from Auth0.js to auth0-spa-js should give you exactly the same end results. Good luck!