SSO / Oauth-Azure keeps logging in as anonymous user in Mx9

I am encountering problems logging in using OAUTH in Mendix 9 I've used the app store module “Open Authentication Module” from Clevr I've used this module for other apps in Mendix 8 without problems   After callback from Azure user can be found, but when role-based homepage is started the Microflow for anonymous user is started. When starting app first time there was no issue and app was started with credentials from SSO-user from Azure. Later on even when using incognito window and removing cookies user is not logged in. I'm not very experienced with Oauth an Java but I suspect that cookies are somehow being used to create the session and pass it on to the app in the following part of the java source and that something is going wrong there somewhere :     // no existing session found, perform login using the provided username   Core.getLogger("OauthLogin").debug("Setting Mendix runtime cookies (XASSESSIONID, XASID and originURI)");    // create cookies and redirect: String key, String value, String path, String domain, int expiry    response.addCookie(XAS_SESSION_ID, session.getId().toString(), "/", "", -1);   response.addCookie(XAS_ID, "0." + Core.getXASId(), "/", "", -1);   response.addCookie(OriginURI, OriginURIValue, "/", "", SECONDS_PER_YEAR);   When running app with log-level debug the following shown in logfile: 11:15:31 AM APP INFO  OAuth: Login OK: user 11:15:31 AM APP DEBUG OauthCallback: Resolved user gerardb 11:15:31 AM APP DEBUG OauthCallback: User found: gerardb 11:15:31 AM APP DEBUG OauthLogin: Setting Mendix runtime cookies (XASSESSIONID, XASID and originURI)   So seems user can be detected based on callback from Azure to but user is not used when starting startup microflow. I've compared with settings in Mendix 8 apps where same module is used with no problems but I don't see any differences.   Could this be a specific Mendix 9 issue?   Does anyone have a clue how to solve this issue?   Thanks
1 answers

Hi Gerard,

I believe that module is old and not properly maintained (last version 2020). If you want to use SSO using OAuth I would recommend the following module: