Twitter App does not sign into Twitter if already signed in
My organization has 12 Twitter accounts. We have a separate Twitter app added for each Twitter account. Each app is configured to use secure web authentication (SWA), which is the only sign-on option available for Twitter. The problem our users are having is, if I'm already logged into Twitter Account A, and I click on the Twitter Account B icon, I get taken to Twitter and I'm still logged into Twitter Account A -- not Account B.
It appears the reason is because when the browser reaches /login, Twitter issues a 302 redirect to https://twitter.com/ if it sees you are already logged in, and the Okta SWA Plug-In never gets a chance to enter the credentials for Twitter Account B. The only way we are able to log into a different Twitter account is if we explicitly log out of Twitter first, then go back to Okta, and click on the Twitter Okta app we're interested in logging in under. This is confusing to most users, and a hassle to the users that do understand the process.
Is there not another method available? Some possible ideas I'm wondering about:
Could Okta first redirect to a Twitter logout URL and then redirect to /login?
Is there a login page with a different URL that would allow the Okta SWA Plug-In to fill in the credentials without Twitter redirecting first?
Could the Okta SWA Plug-In clear the Twitter cookie in the browser before redirecting?
Are any of these possible, or something else not listed above?
Interesting issue. I wonder if the force_login parameter can help here. See http://stackoverflow.com/questions/1960957/twitter-api-logout and https://dev.twitter.com/oauth/reference/get/oauth/authenticate for more information. I have not tested this so YMMV!
Thanks Madhu. I don't think that's applicable here because we're not doing OAuth. We're using the Twitter Okta app to log into Twitter. From what I can see, all that happens here is when clicking the Twitter Okta App, that takes you to https://twitter.com/login where the Okta SWA browser plug-in tries to fill in the credentials. But the problem is if you are already logged into Twitter, Twitter automatically 302 redirects you to https://twitter.com/ and the plug-in never has a chance to fill in the form. You can see that if you go to https://twitter.com/login (and if you are already logged into Twitter), you'll notice Twitter automatically 302 redirects you to https://twitter.com.