Signing and Signing out issue with Single Sign On on Application A (OpenId Connect method) and Application B (SAML method)

Hello,
We have 2 applications using the SSO from OKTA.

Application A signs user in using the Sign In widget and OKTA.ASPNet middleware by OpenId Connect method.

Application B (Sisense) uses the SAML to sign the user in.

We are trying to establish the SSO between this 2 applications and having some issues as explained below.

Question (Issue) 1:
When I am signing in into the Application A, it automatically signs a user into the Application B, but vice versa doesn’t work. When I am signing into the Application B then it does not signs me in into the Application A. Can you please advise on this?

Question (Issue) 2:
When I sign out from either of the application it is actually signs out from that application from which we clicked the sign out button but it is not signing out from the other application. The session is still active on the other application. FYI,We are using this information and following everything mentioned in this link: https://developer.okta.com/docs/guides/sign-users-out/aspnet/sign-out-of-okta/

But still Sign out event is not signing out from all the applications.

Can you please advise on these above 2 issues?

Thank you in advance for your time and consideration.

Regards,
Jaynish Patel

Hi @jaynishp

When I am signing in into the Application A, it automatically signs a user into the Application B, but vice versa doesn’t work. When I am signing into the Application B then it does not signs me in into the Application A. Can you please advise on this?
Based on the environment described, Application A requires Okta to send an authorization code flow in order to authenticate the user. You can check through CORS if the user is authenticated in your Okta org (eg. by doing a request to /api/v1/users/me and checking for “id” in the response body) and, if yes, redirect him to the authorization endpoint in Okta. This will offer the possibility for the user to authenticate automatically in Application A if he logged in already to Okta and to Application B.

When I sign out from either of the application it is actually signs out from that application from which we clicked the sign out button but it is not signing out from the other application. The session is still active on the other application. FYI,We are using this information and following everything mentioned in this link: https://developer.okta.com/docs/guides/sign-users-out/aspnet/sign-out-of-okta/
To achieve this use-case, you need to log out the user from one of the applications and then log the user out from Okta. When the user will access the other application, you need to check if a session is present in Okta (same as above) and, if not, clear the session in the application.