← Back

Native-to-Web SSO

Session transfer token · Single-use · 60s expiry · IP-bound

1. Native app login
2. Get transfer token
3. Authorize web app
4. Both sessions
Native App

Sign in to the simulated native app. This uses a server-side Auth0 client configured with session_transfer.can_create_session_transfer_token: true. It requests offline_access so it holds a refresh token — that RT is what gets exchanged for the session transfer token in step 2.

Sign in to Native App