Using universal login, how can we detect a logout on the other app?

we have a single tenant, and several applications in it.
we use the universal login.
Assume the following happens on a single laptop:
User x@foo.com authenticates and starts to use App1, which is a SPA.
The same user starts to use App2 (some other SPA). Since it’s a universal login, the user is happy to see that there’s no need to login again. Great.
Now user x@foo.com logs out from App1.
How can we detect on App2 that this happened?
If another user, y@foo.com, logs in to App1 then even more stuff goes wrong.
Is there an event inside React SDK of auth0 that is triggered when the authenticated user is already logged out?

Thanks!

Hello @ronkl,

Welcome to the community! There is no way to do this today within Auth0 itself. You would need the applications to communicate with each other via their own channel: User logs out of App1, App1 sends a message to App2 telling it to terminate the users session. Even then, the user’s tokens are still going to be valid and “out there” until they expire. Token introspection solves this but is not currently an option.

I assume your example of the second user y@foo.com is using the same machine. There are some hard problems there with no easy technical solutions. If two people are sharing the same machine, they are going to trip over each other.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.