SSO Single Sign Out - Authorize Endpoint(Silent Authentication) Angular 2

Browser: Chrome
Angular 2

Scenario: I have 2 two apps: App 1 and App 2 , Using SSO(Hosted login page) the user signs into App 1 and cookie is added to the browser store.

App 1 periodically tries to revalidate session by invoking the the below get request:

const url = https://mydomain/authorize?response_type=code&client_id=myclientid&redirect_uri=MyRedirectUrl&scope=openid&prompt=none';

Below is the code:

this.http.get(url).subscribe(data => {
        const test = data
      }, error => {
        this.logout();
      });

We are using angular 2 http service to make the above get request and the cookie is not being passed in the request header.

We are also seeing a CORS issue in the browser(I have added the URL to CORS in the client settings)

I have also tried renewAuth method but I am seeing the same issue
Any suggestions?

The recommended and supported way to achieve that requirement (session validation and token renewal) would be to leverage the renewAuth method as it can simplify the process and also comes with formal support.

I tried to reproduce the issue, but failed to do so using the renewAuth approach. The Angular quickstart has a specific step dedicated to this so you may also to follow that.

In addition, have in mind that if you’re using social authentication you need to ensure that you’re using your own client application information. Using the default Auth0 Dev social keys will have the side-effect of preventing SSO to work as expected; this is noted in the Angular step mentioned above and also on the reference docs about limitations of Dev keys.