This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 62%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENB%3C/text%3E%3C/svg%3E)
We have two ASP.Net Webforms sites, I'll just call them website1.mysites.com and website2.mysites.com. My local copies work perfectly - I log into website1, then click on a link to website2 that goes to, for example, website2/page1, and I'm logged in and can see everything I expect to see. I can also logout of either website and it successfully logs out of the other.
I've copied over everything to our 2 dev sites but none of this is working properly. I'll log into website1, click a link to go to website2/page1 but when I reach it I'm not logged in. However, if I go to the root of website2 after logging into website1 then it logs me in fine. Single sign-out also doesn't work - I'll logout out of one of the sites, but I'll stay logged into the other one.
I've added in the Redirect URIs for the dev sites. I've checked the that the client IDs and secrets are correct for each site too. I can't help but think that there's something simple I'm missing, but I just can't see it. Is there anything else I need to check / do?
@Neil B can you share your Startup.cs or auth setup code?
@alfredo-revilla-msft I've attached the code from our StartupAuth. Things like the tenant, clientid etc are in a separate class to make them easier to manage, but I've double checked them and they're correct.
I'm reaching within the proper team and will come back to you. Regarding the single sign out, are you using custom policies or user flows?
We're using custom policies.
@alfredo-revilla-msft I've managed to solve the issue with being logged in between different sites - I wasn't setting the cookie domain on the app.UseCookieAuthentication line of the Startup.Auth class. However, I'm still having an issue logging out, but it's now different to what previously reported.
What happens now is this:
I have been unable to resolve this so far. Could you advise what could be causing this issue please? Thanks
Have you implemented and endpoint in each application that clears out the session and register it in the related Azure B2C app registration LogoutUrl?
@alfredo-revilla-msft I ended up creating new endpoints and adding them into the LogoutURL in B2C, and then everything started working fine.
But shortly after this one of the sites was failing to login properly - I'd login with our B2C custom policy, but when it redirected to the site the login appeared to have failed because I couldn't access any pages. However, I tried going to our other site and it logged me in without me having to enter my username and password, so logging into B2C works, but for some reason the first site thinks it isn't logged in.
I've been comparing the two sites and the only difference I can see is that the site with the problem doesn't create a .AspNet.Cookies cookie upon logging in. At the moment I cannot see why it's stopped generating it.
A quick update on this: After logging in to B2C, HttpContext.Current.User.Identity shows the Name and AuthenticationType as nothing, but I can't see that I've changed anything that would affect this. The Startup.Auth class certainly hasn't been changed. I'm at a total loss at the moment.
@alfredo-revilla-msft I finally got to the bottom of the latest problem. I added in a permanent redirect to the web.config a few days ago, but I removed it yesterday. Even with it gone I discovered that the redirect was still happening. Once I cleared the cache for the last 7 days I was able to login properly again.
I think it's safe to close this now.
That's great. Thanks for sharing it!