We are building multiple web applications that use Azure B2C user flows for authentication. They are hosted on our servers within the same domain, but different subdomains to differentiate them. The tech stack varies a bit between the apps, but for now, let’s focus on two that are both based on Angular. We have configured the apps and their respective APIs to be authenticated via a single Azure B2C sign-in policy using the MSAL.js node package, and taken individually, they authenticate and work just fine (well, mostly, but that’s another issue all together). Our issue is that, based on how we understand Azure B2C to handle SSO, a user should be able to sign-in to one app, and move seamlessly to the other app without having to sign-in again, but that is not the case. Switching to the other app shows that the user is not signed in and is prompted with the login page if they attempt any tasks that require authorization, and that is not the behavior we want.