Hi everyone,
We have an issue trying to make SSO work between two Auth0 SPAs on different domains but in the same tenant. Let me explain:
We have
App A: www.appa.com
App B: www.appb.com
Both apps have Universal Login set up and working fine by themselves.
We can redirect to App B from App A; it automatically authorizes the user, and the login screen is not displayed.
But if we log in to App A and then try to access App B without using App A, meaning accessing www.appb.com directly, the login screen is displayed and does not recognize the App A session.
The first case is achievable because we are getting the organization id from App A and passing it on to App B when redirecting the users, as follows: www.appb.com/home?organization=orgId
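This is our code to get the authorized URL using buildAuthorizeUrl from the useAuth0 hook:

```javascript
import React from 'react';
import { useAuth0 } from '@auth0/auth0-react';
import { useLocation } from 'react-router-dom'; // assumed: useLocation comes from React Router

// Inside the App B component:
const { buildAuthorizeUrl } = useAuth0();
const search = useLocation().search;
// Organization id passed by App A in the query string
const organization = new URLSearchParams(search).get('organization');

React.useEffect(() => {
  const geturl = async () => {
    const invitationUrl = await buildAuthorizeUrl({
      redirect_uri: window.location.origin,
      audience: process.env.REACT_APP_AUTH0_AUDIENCE,
      organization: organization || ''
    });
    // Send the browser to the authorize URL that was just built
    window.location.replace(invitationUrl);
  };
  geturl();
}, []);
```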
It’s clear to us that it’s not working because if we don’t access App B from App A, we don’t have the organizationId, hence our buildAuthorizeUrl will not work.
So we were wondering what could be a workaround for this situation.
Thanks in advance for any help.