I’m working with some customers who are looking for OIDC session management best practices, and they generally would like to know if Auth0 is compliant with OIDC session_state parameter. I’m assuming Auth0 is compliant with this, and using iframe techniques on SDKs. Any comments would be appreciated.
https://medium.com/@technospace/managing-sessions-with-openid-connect-d3b6fb4f552b