Hmm, did not see any notification about new replies to this thread.
You are right that cookies are domain & port specific. Okta session cookie will allow the browser to log into your second app without seeing Okta login widget.
A few thoughts on why it did not work - first, Okta session cookie is session bound, it’s gone when
- The browser processes are killed, which cleans up all session cookies, or
- User clicked Okta logout link, or
- Session expired (2 hours of inactivity)
Second, it’s a puzzle that you do not see Okta session cookie. I have seen the session behavior between an Okta SAML app and Okta dashboard. Could there be anything in your app configuration that prevent session behavior/cookie?
And last, looks like this thread is related to your question:
Hope that helps.