Auth0 Home Blog Docs

OAuth token shared in different applications within the same tenant?



I have a frontend (React) application that have deployed into multiple instances with different sub-domain name, e.g,, and I am using auth0 for my login mechanism.

So I have the following object passed in,

  auth0 = new auth0.WebAuth({
    domain: AUTH_CONFIG.domain,
    clientID: AUTH_CONFIG.clientId,
    redirectUri: AUTH_CONFIG.callbackUrl,
    audience : AUTH_CONFIG.audience,
    responseType : AUTH_CONFIG.responseType,
    scope : AUTH_CONFIG.scope
  • domain, responseType, scope are the same across all apps.
  • clientID, redirectUri, audience are different for each app.

But how come the oauth token seems to be shared among apps, meaning if I login to, it seems I am automatically login to and as well?