Auth0 Home Blog Docs

JWT token identity needs to be preserved across multiple RDP Session IDs

Hi,

Please let me know if someone has a work around for this problem or has faced similar issue before.

One internet website based at JWT stateful utilization for account Login works well when accessed via the Web. As expected, once you visit the Login URL and logs with username/password, there is no need to repeat Login the next times the same home page URL is visited, unless the token expires (15 days later). However, when the same home page URL is access from a proxy computer reached via RDP, it appears the JWT token is “trapped” inside the RDP Session ID where the Login happened.

  • Every time, the rdp-tcp Session ID randomly selected by Windows is the same ID number where a Login has successfully happened before (via username/password), the website URL home page loads directly and no account credentials are asked again.
  • If the rdp-tcp Session ID is different, Login credentials need to be used again.

I need the RDP access to perform the same as the Web access, so I am looking to have the JWT token reachable by all subsequent RDP connections, or a way to keep Session IDs at a controlled range (ie: 1-5). As a side note, RDP Session IDs are unpredictable and trend to spiral towards a higher number, so I cannot login to a range of Session IDs as a work-around to the problem, because new RDP attempts to connect keep the RDP Session ID rising all the time, unless the servers is restarted.

Many thanks indeed,