We use Auth0 as a SAML IdP (users in the Auth0 database) with two client applications (SAML Service Providers). The goal is to have SSO between the two applications.
We use the hosted login page from Auth0 and SSO works:
the user goes to the first application, gets redirected to the login page, and logs in; then, when the user goes to the second application, the Auth0 prompt shows up and the user can confirm that he wants to proceed with the current identity to the second application.
The thing is that we would want to remove the prompt and have the user access the second application without having to confirm that he wants to proceed with the current identity.
Basically, we would like to use the Silent Authentication mentioned here: https://auth0.com/docs/sso/current/single-page-apps#silent-authentication
but in our case we use SAML and not OIDC, so the steps from the documentation do not work for us. Also, silent authentication sounds quite restrictive, as it leads to an error in the case where the user is not logged in; instead, we would like to show the login form when the user is not logged in.
Is there a way to ensure “less-restrictive silent auth” with SAML? We used a different SAML IdP in the past and it redirected to the target application without the prompt, so we would want to keep the same behavior.