app 1: using the react configuration
app 2: uses vanilla JS configuration
app 2: uses a event to trigger to auth0Client.handleRedirectCallback()
if i login to app 1 i would expect app 2 to be able to use the cookie to login, how ever it does not, and im at a lose to why,
single Username-Password-Authentication connection, using 2 applications on the same domain. any advice or pointers to articles that would help.
Issue could be due to multiple factors: SameSite cookie attributes, subdomain handling, or incorrect Auth0 client setup. Make sure:
Both apps share the same Auth0 domain and client_id.
Cookies are set with SameSite=None; Secure if apps are on different subdomains.
Use checkSession method in App 2 to check for existing session.
For App 2, on page load or event:
auth0Client.checkSession({}, (err, authResult) => {
if (authResult && authResult.accessToken) {
// User is logged in
// Set user session
} else {
// Handle error or login
}
});
For more details, refer to Auth0’s SSO documentation: Auth0 SSO.
If issue persists, debugging steps:
Check browser console for errors.
Inspect network tab for failed requests.
Check Auth0 logs for anomalies.
No partial answers, just actionable steps. Hope this helps.