Shared session between 2 Auth0 Apps

Audacia · October 16, 2023, 3:47pm

Hi everyone.
In my Auth0 tenant I have 2 apps: a Regular Web App and a Native App.
Regular Web app refers to a NextJS app (frontend + API backend);
while my Native App refers to an Android App I am working on.

My native app will have to connect with the Nexjts API backend, where the various endpoints are protected by Auth0.

So, what I want to achieve is:

I log in to my native app;
I retrieve the access token;
I use access token as Bearer Token to authenticate to my NextJS App.

So, briefly my question is: is it possible to share a session between 2 Auth0 apps?

tyf · October 16, 2023, 8:57pm

Hey @Audacia !

Thanks for the detailed description

I recommend taking a look at the following topic:

If you are using an Auth0 SDK which utilizes a browser based login flow (Chrome Custom Tabs) and Chrome on the device to access the web app along with silent authentication you should get what you are looking for. Here’s an example of silent auth in nextjs:

github.com/auth0/nextjs-auth0

Silent authentication without user interaction

opened 05:22PM - 20 Nov 19 UTC

closed 11:37AM - 20 Jan 21 UTC

roaks3

enhancement

### Describe the problem you'd like to have solved There does not appear to b…e a way to have the user silently authenticate without the need for interaction from the user (ie. requiring a click of a "Login" button). ### Describe the ideal solution A new handler (something like `SilentLoginHandler` or `CheckSessionHandler`) that would allow us to check for an existing Auth0 session and create the cookie required for subsequent authenticated calls. ### Alternatives and current work-arounds - Since the library does not expose the cookie store, there does not appear to be a work-around - If this library is not used, `auth0.js` appears to have a solution in `checkSession()` that will return the token of an existing session, which can be used for subsequent authenticated calls. ### Additional context This request is in support of a requirement we have to support a shared login session seamlessly across two applications. If a user has already logged in through one application, we would like the session to be automatically loaded right when the user lands on the second application.

Audacia · October 17, 2023, 8:08am

Hi, thanks in advance for your response.

As regard silent authentication, I can retrieve a token in my Native App by consuming getAccessTokenSilently function from auth0/auth0-react library.

I already tried to use this token to authenticate to my Regular Web App APIs, but I get an error warning me that the format is incorrect (as I expected).

If I understand correctly, should I be able to do this by enabling SSO within my tenant?

system · December 22, 2023, 11:35pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Share the session between two mobile apps Help sessions , authentication-sessions	2	15	October 24, 2024
Sharing Auth0 session cookie between NextJS applications? Help configuration , application	0	993	January 18, 2024
Can't access the shared session from another webapp in my Next.JS auth0 application Help user-management , account-linking	1	1271	November 15, 2023
I Need a seamless login between two applications (nextjs and spring mvc) using same auth0 client Help login-experience , login-prompt-new-experience	8	870	January 26, 2024
React native + nextjs + auth0 Help platform-infrastructure , general-architecture-question	8	2233	January 5, 2024

Shared session between 2 Auth0 Apps

Related Topics