Single sign on to organisation

Kush1 · September 27, 2023, 5:04pm

Hi,

I have an issue with a proof of concept I am looking it.

I have two angular applications setup in Auth0,

for flexibility, both applications are turned on for organisations
types of user is set to both (direct from database and via organisations membership)

Organisation settings are set to ‘enable automatic membership’.
The first app is configured as the global login, with the second setup to auto-login (SSO) when the first redirects to it via a button click (using getAccessTokenSilently() call)
In Angular config, organization parameter is configured in application two’s auth0 config only.

The issue:
When a user is in the organisation membership list, after logging into application one, on button click to redirect to application two, silent login works great, and the user it SSO’d into application two.

When a user is not in the organisation membership list, after logging into application one, on click to redirect to application two, silent login (getAccessTokenSilently()) fails stating ‘login required’.

Expected behaviour: The user is added to the organisation membership list on the getAccessTokenSilently() call (enable automatic membership is on).
The user is silently logged in to application two.

Is there any way this scenario could work (switching organisation, auto adding user to org member list, and silently logging in) ?

tyf · September 27, 2023, 10:09pm

Hey @Kush1 welcome to the community!

Are there more than one organizations involved? Which organization is the user added to when logging into the first app?

Kush1 · September 28, 2023, 8:47am

Hi @tyf, there potentially could be multiple organisations involved, I’m just testing with one first. The first application doesn’t use an organisation to login so its directly via the connection/database.

Once logged in, via button click, the second application is opened. The organisation at the moment is hard-coded in the auth config on application two which is used for the silent login.

Kush1 · September 29, 2023, 8:20am

I’ve figured out a solution for us using custom values being passed in the silent auth request, then adding these to the token in a post login action. Thanks to anyone that had a read and a think

tyf · September 29, 2023, 6:27pm

That’s awesome, thanks for sharing here!

system · October 13, 2023, 6:28pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Silent auth with enterprise connection (SSO) and organisations only works if connection exposed to the application Help login-experience , new-universal-login-experience	1	13	October 11, 2024
Change organization for the user, using getAccessTokenSilently() method Help login-experience , login-prompt-new-experience	2	652	December 15, 2023
Login circular redirect after implementing organizations Help angular , spa , redirect , organizations	6	2853	March 21, 2022
What is the recommend way to automatically select organisation during login? Help login-experience , new-universal-login-experience	1	29	August 22, 2024
No session share between Auth0 apps Help sessions , authentication-sessions	2	34	August 1, 2024

Single sign on to organisation

Related Topics