Hello! I am having trouble with SSO across 2 of my SPA apps.
app1.domain1.com - has private & public routes
app2.domain2.com - has all private routes
My apps are currently on different top level domains and they each have their own auth0 application. When I log into app2 and navigate to app1 I am not automatically logged in when calling checkSession (from auth0-spa-js lib).
I noticed when I log into app2 I get an auth0.[clientId].isAuthenticated
cookie. Does this cookie need to be present on app1 when it loads to automatically be logged in? If so, does this mean the apps need to be on the same top level domain so I can use a cookieDomain of .domain1.com.
And do I need to share a single auth0 application across both apps so the apps use the same auth0.[clientId].isAuthenticated
cookie?
Thank you