How can authentication be shared among multiple (sub-)domains?
An unauthenticated user arrives at www.example.com.
The user logs in on: https://api.example.com/login
After successful login, the user is redirected to: https://dashboard.example.com
When going back to: www.example.com - the session is kept, and the user can now log out from there
An example is shown by Heroku, which shares cookies among the apps as in the screenshot.
How does this setup work? How can this setup be imitated with Rack apps?
using SSO/OpenID style techniques, for example by redirecting via forms and transmitting the authentication challenge tokens back and forth in the form parameters.
For example look how stackovervflow and sistersites do it. You can log into one using the other and it is implemented via forms and redirects.
For strictly subdomains, you can just use a single session cookie which is sent to all hosts within "*.domain.com"
- How do I get currency exchange rates via an API such as Google Finance?
- Permission for using Amazon Marketplace Web Service (MWS)
- How to List Product on Existing Product Page
- Amazon MWS API Address format for CreateInboundShipmentPlan
- MWS Developer access for PII personal identifiable Information Revoked - Buyersname, phone, Addresses are coming blank
- Amazon Marketplace Web Service (MWS) - add my offer to an existing product
- Amazon API ASP.NET
- Caching Amazon api data once a day
- Use Powershell to get book metadata from Amazon
- Google goggles with Intent OR Amazon API?
- Using results from amazon product advertising
- Amazon Product Advertising API (ItemSearch with ItemPage)
- Amazon product advertising API WCF4 Example
- Does Amazon have an API for searching products on their site for mashing up?
- Http 500 Internal Server Error with Amazon Product Advertising API
- How to get correct URL to offer or correct price of offer in Amazon Product API
- Fetch api only works after second Enter key input NextJS
- How can I send image with text using telegram bot API?
- Parse Json in Dart/Flutter to Entity/Model
- How to send data to API Post to be used by Lambda Function
- Why does my API response say "Filtered array only contains 0 items."
- How do I resolve this bug when setting up log in authentication system in react?
- Mapping high-level functions in user-mode dlls to NTDLL.dll
- Strapi LEFT JOIN two Tables
- Output one json record react native
- How to add a range of values in a Json and return the objects that are in that range
- Flutter riverpod: repeat call API after x second
- I'm trying to format a response from an api but i keep getting Warning: Undefined array key "timestamp"
- GraphQL API Querying
- Rails attempting to throttle my API with rack-attack. Unsure if it's working?