Okta signin-widget automatically redirect users already logged

fcerullo · August 10, 2022, 11:15am

Hi All
we have an angular SPA using below Okta js libraries:

"@okta/okta-angular": "^5.2.0",
"@okta/okta-auth-js": "6.7.4",
"@okta/okta-signin-widget": "6.6.1"

token/storage oktaAuth settings are as below:

"tokenManager": {
    "storage": "sessionStorage"
},
"storageManager": {
    "token": {
        "storageType": "sessionStorage",
        "storageTypes": []
    },
    "cache": {
        "storageType": "sessionStorage",
        "storageTypes": []
    },
    "transaction": {
        "storageType": "sessionStorage",
        "storageTypes": []
    }
}

interactionCodeFlow is set as true in the signin-widget config.

I was wondering if there’s an option to avoid a user to be already logged opening a new tab, as well as opening a new browser window.
e.g. in fact if I log in in tab A and then I open the tab B (same url), the signin-widget will automatically redirect the user to the main application page as the user result already authenticated.
Any chance to avoid above behaviour or is intended as the expected one?

Thanks,
F

erik · August 12, 2022, 8:11pm

Hello,
With the interaction flow it is expected, when you render the widget it will make a couple of calls where it is returned that the user already has a session so tokens will be retrieved.
You can test if an Okta session already exists and if so not render the widget.

Is the goal to be able to login with a different account in the same browser where an existing Okta session already exists?