Okta SSO shouldn't require me to sign in once every browser session



Infrastructure & Operations
Infrastructure: SSO
a year ago
a month ago


(Reporter: emorley, Assigned: jabba)





a year ago
1) Ensure Firefox's "remember open tabs" option is disabled
2) Visit https://sso.mozilla.com/ and complete the sign-in flow, including Duo 2FA
3) From the resultant page (https://mozilla.okta.com/app/UserHome) click the Gmail link
4) Read some emails
5) Close the browser
6) Immediately open the browser and re-visit GMail and/or https://mozilla.okta.com/app/UserHome

I should not be prompted to log in again (for at least eg 24 hours).

I have to log into Okta again, presumably because it's only setting session cookies.

Comment 1

a year ago
(In reply to Ed Morley [:emorley] from comment #0)
> STR:
> 1) Ensure Firefox's "remember open tabs" option is disabled

Since this feature preserves even session cookies across browser restarts.

Comment 2

a year ago
Is this intended behaviour, or a bug? If the latter, can we start a discussion about it, or if the former, can we file an upstream ticket?

Thanks :-)
Flags: needinfo?(jdow)

Comment 3

a year ago
I did this test:

1)Logged into okta
2) closed browser
3) started firefox again
4) navigate to Okta, am asked to sign in
5) did not sign in, instead clicked back button
6) on about:home, I clicked "Restore Previous Session" button
7) it resumed my Okta session and did not have to log in again.

This seems to be expected behavior?
Flags: needinfo?(jdow)

Comment 4

a year ago
Clicking "Restore Previous Session" restores the session cookie.

* this is just a workaround for the SSO only lasting until end of session (I believe it should persist longer than that)
* Crucially it doesn't work on mobile, so I have to sign into web GMail ever single time I open Firefox for Android (I don't want to add my Google Apps Mozilla account to my phone's native sync, since I don't want work contacts on their, or notifications, calendar pollution etc)

Comment 5

a month ago
We are finally off of Okta.
Assignee: infra → jdow
Last Resolved: a month ago
QA Contact: jbryner
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.