Auth0.js is not really concerned about multiple domains, nor it sets any cookies to handle user sessions (it creates a cookie in the login flow, but just for ensuring the authenticity of the flow, and it’s just a temporary cookie).
The reason you get SSO between multiple domains is that either:
- The app itself is using a cookie shared between the subdomains (which is not something Auth0.js is concerned with, this would be code in your app).
- Multiple parts of the app in different subdomains handle the user session independently, but all rely on Auth0 as a centralized identity service.
In both cases, moving from Auth0.js to auth0-spa-js should give you exactly the same end results. Good luck!