Single Sign On - Cross Domain Authentication (@auth0/angular2-jwt)
Question
I have several angular applications (in different sub-domains) and a main angular application (in the main domain). I'm using @auth0/angular2-jwt library to manage the authentication. It's working well, but not working for Single Sign On. I have to sign in every sub-domain and I need this to be done just once (in the main domain or any of the sub-domains).
I've tried with a regular expression for the whitelistedDomains, but it's not working:
JwtModule.forRoot({
config: {
tokenGetter: tokenGetter,
whitelistedDomains: [new RegExp(`(?:([^.]+)\.)*example\.com`)]
]
}
})
So, how can I authenticate users to all sub-domains if the user signed in to the main domain or any of the sub-domains?
- user signed-in successfully in example.com or x.example.com
- the user must be automatically authenticated to y.example.com, z.example.com, etc.
1 answers
solution1
0 2019-05-30 23:32:36
I would be happy to help with your question!
How can I authenticate users to all sub-domains if the user signed in to the main domain or any of the sub-domains?
Single Sign On seems to be a great fit for your use case vs Regex as it will enable you to authenticate your users across all your sub domains. SSO is enabled by default for all tenants that are that have been created within the last year. The easiest way to use SSO is by leveraging the Universal Login.
If you can use Universal Login you can just set the auth requests to always do prompt=none and this should check for cookies in the hidden iframe. However, if interaction is required you will get the "login required" warn in tenant logs and the end user will be challenged for credentials. I have referenced some core documentation that should help you on your journey.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.