SSO and Universal Login select account feature (formerly disabled seamless sso)

Hi,

I created a Tenant a while ago which had in the tenant settings the option “Enable/Disable seamless SSO” which when using the default Universal Login (Hosted Lock 11) could make the user prompt for account selection if he still had a session with auth0 or just redirecting him to callback right away.

With a newly created Tenant i do not have this option anymore. Now when using all standard settings in the tenant im not able to achieve the same behaviour again.

I tried various options of the lock11 like rememberLastLogin or from the auth flow of the openid standard prompt=select_account, neither somehow works.
https://auth0.com/docs/libraries/lock/v11/configuration#rememberlastlogin-boolean-
Final: OpenID Connect Core 1.0 incorporating errata set 1 (3.1.2.1 see prompt)

Not sure if its a bug, but would be awesome if anyone could point me in the right direction.
Thnx

Hey there @christian.fuerst!

When it comes to “Enable/Disable seamless SSO” option, all new Auth0 tenants come with seamless SSO enabled, legacy tenants may choose whether to enable this feature.

https://auth0.com/docs/sso/current/setup#addendum-sso-configuration-for-legacy-tenants

Let me know if that helps!

Hi Konrad,

Thanks, i read this too. But the question remains: openid standard has a spec for account prompt:
Final: OpenID Connect Core 1.0 incorporating errata set 1 (3.1.2.1 see prompt)

and i would like to still have account prompting with new tenants.
So how do i do that?

Thanks

Hey @christian.fuerst! Sorry for not getting in touch for so long. You can use the prompt=login parameter in your authorize link to ask for credentials each time. When it comes to rememberLastLogin if you have SSO enabled, no matter what the rememberLastLogin says it then takes the inactivity timeout and require log in after values to log you out

Here’s the same situation from another user:

Hope it helps!

Hey there @christian.fuerst!

Have you managed to achieve what you intended based on the info I provided above?

Hi Konrad,

I think we can “resolve the issue” since (from the other thread) its just not possible anymore :slight_smile:

1 Like

Can you post that thread here also so that other members of our community can benefit from this too? Thanks a lot!

sure, its the one u posted:

cheers

I know :slight_smile: Thanks a lot for that! :pray:t3:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.