Native to Web SSO

Auth0’s Native to Web Single Sign-On (SSO) feature provides a seamless user experience transitioning authenticated users from your native application to your web application.

If your web application relies on embedded WebViews or external browsers to deliver extended or advanced functionality, your users can move between native and web environments in the same authenticated session.

By binding Session Transfer Tokens to the specific device through IP address or ASN, session continuity and security is maintained and ensures the authentication context remains secure throughout the transition.

1. A user logs in to your native application.

2. Auth0 authenticates the user and returns an access token, refresh token, and ID token.

3. Your native application calls Auth0’s /token endpoint to exchange a refresh token for a Session Transfer Token. The Session Transfer Token is bound to a specific IP address or ASN.

4. Auth0 returns the Session Transfer Token for authentication with a web application.

5. Auth0 authorizes the Session Transfer Token as part of the cookie or as a URL parameter, and then returns an authorization code.

6. The web application exchanges the authorization code for access or refresh tokens at the /token endpoint.

7. The web application initializes a session for the user.

Learn how to Configure and Implement Native to Web SSO

• Once Native to Web SSO is enabled in a client, the session_transfer_token parameter only works for Native to Web SSO

• Refresh Tokens originated from a previous Session Transfer Token transaction will not generate new Session Transfer Tokens.