Hey , I have 3 frontend apps with the following domain . Have created a new auth service where supertokens app with middleware and tenants is setup . Each frontend talks to auth service for authentication and then to its own backend service for business logic . 1. uws.fairmatic.com (backend : uws.fairmatic.org) 2. pcc.fairmatic.com (backend : pcc.fairmatic.org) 3. dbe.fairmatic.com. (backend : dbe.fairmatic.org) 4. auth.fairmatic.com (backend : auth.fairmatic.org) I am using multi-tenancy feature and have created 2 tenants . 1 and 2 need same login mechanism hence will use the same tenant but 3 will use a different tenant . I want user sessions to be shared within the tenants only. eg : If a user has signed in in uws.fairmatic.com he/she should be automatically signed in to pcc.fairmatic.com but not to dbe.fairmatic.com as its a different tenant . https://supertokens.com/docs/thirdparty/common-customizations/multi-tenancy/sub-domain-login#step-4-tell-supertokens-about-tenants-sub-domains We have implemented example #2 approach in this doc On frontend , sessionTokenFrontendDomain value is set to .fairmatic.com in session.init On the backend , cookie_domain is set to .fairmatic.org in session.init This is not working as if I try to login into uws.fairmatic.com it logs in to dbe.fairmatic.com which is on different tenant and even the user is not present in that tenant . I have even restricted tenant access by adding get_allowed_domains_for_tenant_id in multi-tenancy recipee at the backend .