We are gradually upgrading a legacy Web Forms application to MVC 5 and we want to use Auth0 for authentication. So we are creating a simple proof of concept to check that single sign on works as expected between a web forms app and an MVC app.
But it is not working as expected and I was wondering if anybody else has experience with this and can help.
If you login to the Web Forms app (http://authzerowebformstest.azurewebsites.net/) and then go to the MVC app (http://authzeromvctest.azurewebsites.net/) and refresh the page it does not recognise that you are authenticated. You have to click the ‘Login’ menu item (top right) which calls the Auth0 login code and then recognises that you are logged in and does not ask for credentials.
I would have expected the app to recognise that the user is authenticated without having to call the Auth0 code.
Logout has the same issue in that you have to click logout on both applications.
The Web Forms project is using this code sample - https://auth0.com/docs/quickstart/webapp/aspnet
The MVC project is using this code sample - https://auth0.com/docs/quickstart/webapp/aspnet-owin
I assume there is some code that I need to add to both applications to call the Auth0 API and check whether the user is logged in and then redirect them if not, but I can’t find that in the documentation.
Can anybody point me in the right direction?