diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 69093e9be19233b60fad9f8e31f884947be4286a..69795c8d4ca0498dca804919d25e618d40a96979 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -78,6 +78,7 @@ class ApplicationController < ActionController::Base
   def invalid_session?(user)
     return true if user&.session_token != session[:session_token]
     return true if user&.session_expiry && DateTime.now > user&.session_expiry
+    return true if !user.super_admin? && user.provider != current_provider
 
     false
   end
diff --git a/app/javascript/routes/AuthenticatedOnly.jsx b/app/javascript/routes/AuthenticatedOnly.jsx
index 4f5c5654e88e39295e474d5d56913a7cb9c50555..f8fde5ed103fb521021028efa918b2748f3cdf1f 100644
--- a/app/javascript/routes/AuthenticatedOnly.jsx
+++ b/app/javascript/routes/AuthenticatedOnly.jsx
@@ -27,7 +27,8 @@ export default function AuthenticatedOnly() {
   const { t } = useTranslation();
   const currentUser = useAuth();
   const location = useLocation();
-  const match = useMatch('/rooms/:friendlyId');
+  const roomsMatch = useMatch('/rooms/:friendlyId');
+  const superAdminMatch = useMatch('/admin/*');
   const deleteSession = useDeleteSession({ showToast: false });
 
   // User is either pending or banned
@@ -44,10 +45,14 @@ export default function AuthenticatedOnly() {
   }
 
   // Custom logic to redirect from Rooms page to join page if the user isn't signed in
-  if (!currentUser.signed_in && match) {
+  if (!currentUser.signed_in && roomsMatch) {
     return <Navigate to={`${location.pathname}/join`} />;
   }
 
+  if (currentUser.signed_in && currentUser.isSuperAdmin && !superAdminMatch) {
+    return <Navigate to="/admin/users" />;
+  }
+
   if (!currentUser.signed_in) {
     toast.error(t('toast.error.signin_required'));
     return <Navigate to="/" />;
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
new file mode 100644
index 0000000000000000000000000000000000000000..10565e2b03c11d95105dbee611d2f604842f9df5
--- /dev/null
+++ b/config/initializers/session_store.rb
@@ -0,0 +1,23 @@
+# BigBlueButton open source conferencing system - http://www.bigbluebutton.org/.
+#
+# Copyright (c) 2022 BigBlueButton Inc. and by respective authors (see below).
+#
+# This program is free software; you can redistribute it and/or modify it under the
+# terms of the GNU Lesser General Public License as published by the Free Software
+# Foundation; either version 3.0 of the License, or (at your option) any later
+# version.
+#
+# Greenlight is distributed in the hope that it will be useful, but WITHOUT ANY
+# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License along
+# with Greenlight; if not, see <http://www.gnu.org/licenses/>.
+
+# frozen_string_literal: true
+
+if ENV['LOADBALANCER_ENDPOINT'].present?
+  Rails.application.config.session_store :cookie_store, key: '_greenlight-3_0_session', domain: ENV.fetch('SESSION_DOMAIN_NAME', nil)
+else
+  Rails.application.config.session_store :cookie_store, key: '_greenlight-3_0_session'
+end