I have an issue with a proof of concept I am looking it.
- I have two angular applications setup in Auth0,
- for flexibility, both applications are turned on for organisations
- types of user is set to both (direct from database and via organisations membership)
- Organisation settings are set to ‘enable automatic membership’.
- The first app is configured as the global login, with the second setup to auto-login (SSO) when the first redirects to it via a button click (using getAccessTokenSilently() call)
- In Angular config, organization parameter is configured in application two’s auth0 config only.
When a user is in the organisation membership list, after logging into application one, on button click to redirect to application two, silent login works great, and the user it SSO’d into application two.
When a user is not in the organisation membership list, after logging into application one, on click to redirect to application two, silent login (getAccessTokenSilently()) fails stating ‘login required’.
Expected behaviour: The user is added to the organisation membership list on the getAccessTokenSilently() call (enable automatic membership is on).
The user is silently logged in to application two.
Is there any way this scenario could work (switching organisation, auto adding user to org member list, and silently logging in) ?