Making jsession id sticky

Hello Helical Insight,

We are using JWT and implemented SSO on helical insight 4.1 GA. If we send in an authToken while using the embed tag, the Helical insight server will set a JSESSIONID cookie and then use that even when the authToken has changed. This is a problem because we are embedding into the authToken a companyID which right now shows information on the charts from the previous company if the user switches between companies. Is there a solution for this? Possibly bypassing HI authenticating with a cookie or maybe changing the JSESSION cookie in a way we can remove it on another subdomain if the user switches?

Thank You,
Sesa.

Hello Sesa,

As we saw in the call that you are first checking with some token and then without loggingout helical insight before you are logging in to check for other user. So the previous session continues.
So in your parent application you should also trigger logout as well so that even if you check it will work fine. Ideally speaking your end users will only have one login, so for them this problem will not come. However it is ideal that in your parent application you can also trigger helical insight logout api

Go through this blog to learn more about the logout api : Logout of Helical Insight in embedded mode - #2 by helicalforum

Thank You,
Helical Insight.