OWIN SSO on dev machine

I have two applications configured in my tenant, and have two identical copies of OWIN Sample running on my local machine (IIS Express), on two different localhost ports. Each one works perfectly fine independently, however there isn’t SSO between them. Any ideas why that might be the case?

Hi @e36m3,

Welcome to the Auth0 Community!

Are you seeing any errors? Can you give some more details so I can troubleshoot further?

Dan I don’t see any errors as far as I know. I’m running Visual Studio 2019, IIS Express. I literally just downloaded the sample and cloned it into another folder. Configured two application on the dashboard and updated the configuration files in both apps with client id, secret, etc.

Both apps are connected to the same user store. When I run the apps, I can use the same user to login just fine. But both prompt me to log in independently. It should be extremely easy reproduce as I literally made no code changes to the sample.

Unfortunately, I don’t have an OWIN environment to spin it up and try it. I can do the same thing with two express.js web servers and it works.

A few more basic questions to make sure we aren’t missing something obvious:

  • Are you using the same browser or browser window? (incognito mode/private browsing can cause issues with SSO).
  • Are you on a legacy tenant with SSO disabled?
1 Like

Dan, based on your suggestion, I see that it in fact works if I use the same browser window. Basically the default Visual Studio behavior is that when you debug an application it launches a new browser windows. As such two applications means two windows. When I use each one individually there is no SSO between them. However if I ignore one of the windows and simply open two tabs on the other windows, there is SSO between the two sites. I suppose this means there is no cookie sharing between two instances of Chrome?

1 Like

Yes! That makes sense. I would assume that VS is opening a different instance of the browser, similar to opening an incognito window, which does not share cookies between the sites. This means no SSO, as you have described.

Thanks for posting an update!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.