Firstly, having two databases where each DB is assigned per Application is the correct approach:
User 1 in Default DB and User 2 in Centric DB
App 1: Default DB
App 2: Centric DB
I believe you already have this part configured. In this configuration, User 1 can only log in to App 1 and cannot log in to App 2. Likewise, User 2 can only log in to App 2 and cannot log in to App 1.
Is this not the behavior you are experiencing? If not, could you please capture your login events in a HAR file and send them to me as a direct message to investigate further?
Next, you mentioned that you have “a URL on App 1 that transfers the user to App2 or vice versa”. Could you please clarify how the user is being transferred and provide the exact steps on how you accomplish this?
A user logs in to the session (it’s hosted via Express and OIDC) and sees a link specified below <% if (locals.isAuthenticated) { %>. The link redirects them to another project/port with a separate CLIENT ID that has a separately configured DB that does not share credentials with the prior service. For some reason, it keeps the user signed in with the prior session’s credentials. Once you sign out, the credential no longer works.
Site 1 is hosted at: 192.168.1.12:3000
Site 2 is: 192.168.1.12:3301
Seems the application secret was the same for both applications, storing the same login for both sessions. I generated a new openssl string and the issue resolved.
TL;DR: If your session stores for two different DBs, use openssl and change the secret for both projects.
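
The failure mode resolved in this thread, as an added example that is not part of the original posts: two apps on the same host receive the same cookies (cookies are not isolated by port), so a session cookie sealed with a shared secret is accepted by both. It assumes a stateless, secret-encrypted session cookie; the cookie name `session`, the helper names and the sample secret are hypothetical.

```javascript
// Added example, not the poster's code. Models a stateless session cookie
// sealed with a key derived from each app's `secret` (an assumption about
// how the two Express apps in this thread store sessions).
const crypto = require('node:crypto');

// Derive a 32-byte AES key from the configured secret.
function keyFrom(secret) {
  return Buffer.from(crypto.hkdfSync('sha256', secret, '', 'session-cookie', 32));
}

// Seal a session object into a cookie value: iv.tag.ciphertext (base64url).
function seal(session, secret) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', keyFrom(secret), iv);
  const body = Buffer.concat([cipher.update(JSON.stringify(session), 'utf8'), cipher.final()]);
  return [iv, cipher.getAuthTag(), body].map((b) => b.toString('base64url')).join('.');
}

// Open a cookie value; returns the session, or null if the key does not match.
function open(cookie, secret) {
  try {
    const [iv, tag, body] = cookie.split('.').map((p) => Buffer.from(p, 'base64url'));
    const decipher = crypto.createDecipheriv('aes-256-gcm', keyFrom(secret), iv);
    decipher.setAuthTag(tag);
    const plain = Buffer.concat([decipher.update(body), decipher.final()]);
    return JSON.parse(plain.toString('utf8'));
  } catch {
    return null; // wrong key or tampered cookie: treat as not logged in
  }
}

// The browser sends one cookie jar to both 192.168.1.12:3000 and :3301.
function crossAppLogin(secretApp1, secretApp2) {
  const jar = { session: seal({ user: 'User 1', db: 'Default DB' }, secretApp1) }; // set by App 1
  return open(jar.session, secretApp2); // what App 2 sees after the link is followed
}

const shared = 'copied-sample-secret'; // constructed value, reused by both apps
const fresh = () => crypto.randomBytes(32).toString('hex'); // e.g. `openssl rand -hex 32`

function demo() {
  return {
    sameSecret: crossAppLogin(shared, shared),        // App 2 accepts App 1's session
    distinctSecrets: crossAppLogin(fresh(), fresh()), // null: App 2 requires its own login
  };
}
console.log(demo());
```

Giving each app its own cookie name as well keeps one app from overwriting the other's session cookie on the shared host.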