Single Sign-On between Applications of the Same Tenant

Overview

This article provides a few examples of achieving Single Sign-On (SSO) between applications of the same tenant.
Examples include one NEXTJS (RWA) and several REACT (SPA) apps with 100% protected pages.

Applies To

  • Single Sign-on (SSO)

Solution

Login Scenario 1.1:

  1. Open the NEXTJS app URL
  2. Open another REACT app. It requires a login (Fully protected)
  3. Log in to NEXTJS
  4. Open a REACT app within
  5. Friction-less experience with open session

Login Scenario 1.2:

  1. Go to the REACT app (fully protected) within the NEXTJS app
  2. Redirects to Login, enter credentials
  3. Back to the NEXTJS page
  4. Unauthenticated. Also, refreshing does not work
  5. Click Sign in / Log in
  6. The session opens in NEXTJS without friction (valid Auth0 session), but with an extra click

Login Scenario 1.3 (between REACT apps):

  1. Log in to REACT app 1
  2. Go to REACT app 2 in another tab, same browser
  3. Open sessions in both


NOTE: There could be other scenarios. This is a baseline guide.

Login scenarios 1.1 and 1.3 work as expected when accessing the React app.

  • If users save the React app as a bookmark, it will lead them to the Universal Login page. 
  • When the session is started from the NextJS app, sign in will be a frictionless experience.

However, in scenario 1.2, the main app cannot have a session on the server side, because logging in through a React app does not open a session there, so the appsession cookie is not present.

To resolve this issue, trigger Silent Authentication when the page is loaded. For further information, refer to Configure Silent Authentication.
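
The silent authentication step for scenario 1.2, as an added example (not code from this article or from the Auth0 SDKs): the page-load check, the /authorize request with prompt=none, and handling of the redirect back. The domain, client ID, callback URL and all function names are constructed placeholders.

```javascript
// Added example, not Auth0 SDK code. Domain, client ID and callback URL are constructed.
const cfg = {
  domain: "tenant.example.com",
  clientId: "CLIENT_ID_PLACEHOLDER",
  redirectUri: "https://app.example.com/api/auth/callback",
};

// Errors returned when prompt=none cannot complete without showing a page.
const NEEDS_INTERACTION = new Set(["login_required", "consent_required", "interaction_required"]);

// Fresh random value for state and nonce (Web Crypto: browsers, current Node.js).
function randomToken() {
  const bytes = crypto.getRandomValues(new Uint8Array(16));
  return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
}

// Try silent auth only when the app has no session cookie and has not already
// tried in this browser session; otherwise a failed attempt redirects forever.
function shouldAttemptSilentAuth({ hasAppSession, alreadyTried }) {
  return !hasAppSession && !alreadyTried;
}

// Same /authorize request as an interactive login, plus prompt=none.
function buildSilentAuthUrl({ domain, clientId, redirectUri }, state, nonce) {
  const url = new URL(`https://${domain}/authorize`);
  url.search = new URLSearchParams({
    response_type: "code",
    client_id: clientId,
    redirect_uri: redirectUri,
    scope: "openid profile email",
    state,
    nonce,
    prompt: "none",
  }).toString();
  return url.toString();
}

// Classify the redirect back from /authorize; state is checked before anything else.
function handleSilentCallback(callbackUrl, expectedState) {
  const p = new URL(callbackUrl).searchParams;
  if (!expectedState || p.get("state") !== expectedState) return { outcome: "rejected", reason: "state_mismatch" };
  const error = p.get("error");
  if (error) {
    const outcome = NEEDS_INTERACTION.has(error) ? "show_login" : "failed";
    return { outcome, reason: error };
  }
  const code = p.get("code");
  return code ? { outcome: "exchange_code", code } : { outcome: "failed", reason: "missing_code" };
}
```

On "show_login" the page renders its signed-out state with the Sign in button and records that the silent attempt was made, so a user without an Auth0 session is not redirected again on every load.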
