Okta signin-widget automatically redirect users already logged

Questions OAuth/OIDC
, ,
1

Hi All
we have an angular SPA using below Okta js libraries:

"@okta/okta-angular": "^5.2.0",
"@okta/okta-auth-js": "6.7.4",
"@okta/okta-signin-widget": "6.6.1"

token/storage oktaAuth settings are as below:

"tokenManager": {
    "storage": "sessionStorage"
},
"storageManager": {
    "token": {
        "storageType": "sessionStorage",
        "storageTypes": []
    },
    "cache": {
        "storageType": "sessionStorage",
        "storageTypes": []
    },
    "transaction": {
        "storageType": "sessionStorage",
        "storageTypes": []
    }
}

interactionCodeFlow is set as true in the signin-widget config.

I was wondering if there’s an option to avoid a user to be already logged opening a new tab, as well as opening a new browser window.
e.g. in fact if I log in in tab A and then I open the tab B (same url), the signin-widget will automatically redirect the user to the main application page as the user result already authenticated.
Any chance to avoid above behaviour or is intended as the expected one?

Thanks,
F

2

Hello,
With the interaction flow it is expected, when you render the widget it will make a couple of calls where it is returned that the user already has a session so tokens will be retrieved.
You can test if an Okta session already exists and if so not render the widget.

Is the goal to be able to login with a different account in the same browser where an existing Okta session already exists?

3

@erik your response is matching with my question I been looking into different posts but haven’t found the answer yet. My purpose is access different application in same browser and user shouldn’t logged in separately in each application. Just wanted your help to know how I can check if session is already with interaction code?

Can you please help with my query ? Thanks

4

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.