Hello Auth0 Community,
I have 2 apps myapp.domain.com and external.com, both of them are using auth.domain.com (custom domain) to authenticate via OIDC. Logging in via external.com gives me access to myapp.domain.com, so I suppose SSO is working?
The issue is that myapp.domain.com embeds a component from external.com, and this component checks if the user is authenticated, if so, it will proceed to load the rest of the components, if not, it will prompt the user to log in.
From what I have seen in the HAR files
- Loads page assets in myapp.domain.com
- Loads components from external.com
- Component redirects to authenticate user
- Redirect to auth.domain.com/authorize to log in
- Redirect to external.com is for sale with the code
- Reloads the page in 1
Does anyone have an idea why does the external.com component not recognize the authentication tokens already in place and keeps requesting to log in again?