> ## Documentation Index
> Fetch the complete documentation index at: https://docs-dev-actions-triggers-prototype.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Native to Web SSO

> Learn how Auth0's Native to Web SSO works.

<Warning>
  Native to Web SSO is currently available in Early Access. To use this feature, you must have an Enterprise plan. By using this feature, you agree to the applicable Free Trial terms in Okta’s [Master Subscription Agreement](https://www.okta.com/legal/?_gl=1*agihqh*_gcl_au*NjM2NjA1MDg4LjE3NTM5ODE4NjY.*_ga*MTgyNDA4MjM2Ny4xNzE1MTAyMjQy*_ga_QKMSDV5369*czE3NTQ0NzQ3NTAkbzM1MyRnMSR0MTc1NDQ3NjU5MCRqNiRsMCRoMA..). To learn more about Auth0's product release cycle, review Product Release Stages.
</Warning>

Auth0’s Native to Web <Tooltip data-tooltip-id="react-containers-DefinitionTooltip-0" href="/docs/ja-jp/glossary?term=single-sign-on" tip="シングルサインオン（SSO）: ユーザーが1つのアプリケーションにログインした後、そのユーザーを他のアプリケーションに自動的にログインさせるサービス。" cta="用語集の表示">Single Sign-On</Tooltip> (SSO) feature provides a seamless user experience transitioning authenticated users from your [native application](/docs/ja-jp/authenticate/login/native-login) to your web application.

If your web application relies on embedded WebViews or external browsers to deliver extended or advanced functionality, your users can move between native and web environments in the same authenticated session.

By binding Session Transfer Tokens to the specific device through IP address or ASN, session continuity and security is maintained and ensures the authentication context remains secure throughout the transition.

## How it works

<Frame>
  <img src="https://mintcdn.com/docs-dev-actions-triggers-prototype/Sm-rZzBGG9mhReiN/docs/images/ja-jp/cdy7uua7fh8z/4gFE2RP5ZCEcukiNF3Gpae/f957034f63c36d5a11f6a64d988c00e9/sequence-diagram.png?fit=max&auto=format&n=Sm-rZzBGG9mhReiN&q=85&s=28d45cb348dc03ef0a6c700a2d28888a" alt="Native to Web SSO workflow" width="1404" height="869" data-path="docs/images/ja-jp/cdy7uua7fh8z/4gFE2RP5ZCEcukiNF3Gpae/f957034f63c36d5a11f6a64d988c00e9/sequence-diagram.png" />
</Frame>

1. A user logs in to your native application.
2. Auth0 authenticates the user and returns an access token, refresh token, and ID token.
3. Your native application calls Auth0’s [`/token`](https://auth0.com/docs/api/authentication/authorization-code-flow-with-pkce/get-token-pkce) endpoint to exchange a refresh token for a Session Transfer Token. The Session Transfer Token is bound to a specific IP address or ASN.
4. Auth0 returns the Session Transfer Token for authentication with a web application.
5. Auth0 authorizes the Session Transfer Token as part of the cookie or as a URL parameter, and then returns an [authorization code](/docs/ja-jp/get-started/authentication-and-authorization-flow/authorization-code-flow).
6. The web application exchanges the authorization code for access or refresh tokens at the [`/token`](https://auth0.com/docs/api/authentication/authorization-code-flow/get-token) endpoint.
7. The web application initializes a session for the user.

Learn how to [Configure and Implement Native to Web SSO](/docs/ja-jp/authenticate/single-sign-on/native-to-web/configure-implement-native-to-web)

## Limitations

* Once Native to Web SSO is enabled in a client, the `session_transfer_token` parameter only works for Native to Web SSO
* <Tooltip data-tooltip-id="react-containers-DefinitionTooltip-1" href="/docs/ja-jp/glossary?term=refresh-token" tip="リフレッシュトークン: ユーザーに再度ログインを強いることなく、更新されたアクセストークンを取得するために使用されるトークン。" cta="用語集の表示">Refresh Tokens</Tooltip> originated from a previous Session Transfer Token transaction will not generate new Session Transfer Tokens.