No connections enabled on the SPA, only on the org
However, this seems to break SSO. We are using Universal Login and SSO was working before, we could sign into one app and were signed in everywhere else.
This is especially disruptive with the added org prompt. Because of how our apps link to each other, users are having to sign in 3 times in some cases, which is very cumbersome.
Is this expected behavior? Is there any way to get SSO back, or do we need to find another way to solve our user case that doesn’t use organizations?
Is there a reason the cookie needs to be organization specific? Any suggestions that would make it so SSO just works in our use case, without having to specify the organization?
We are now setting the org ID as a cookie whenever someone logs in, then clearing it when they log out. This fixes SSO for us by making the provider organization-aware.
It also serves as a sort of “remember me” for the organization prompt, which is a nice side effect.
Note: We haven’t fully rolled this out yet, but we have tested it enough to be confident it’ll work.
Thank you @tim.becker . I think this will help me.
and
I have spring boot web app where I am using “spring-boot-starter-oauth2-client” which will trigger the authorization internally. I think we won’t be able to add parameters.
Is there any solution to work multiple spring mvc app with SSO when organization is enabled ?