Single sign-on flow using JWT for cross domain authentication

谎友^ 2020-12-02 04:13

There is a lot of information on the web about using JWT (JSON Web Token) for authentication. But I still didn't find a clear explanation of what the flow shou

3 Answers
  •  天涯浪人
    2020-12-02 04:49

    Not sure if this answers your question, but if your main goal is single sign-on, I think a simple reverse proxy would solve your problem (at least the cross-domain storage one).

    So example1.com example2.com

    would become something like

    example.com/example1

    example.com/example2

    (And from a user side, this is usually cleaner)

    If that is not an option, you might have to set up so that when a user authenticates in 1 domain, it uses AJAX/hidden iframes to create an authentication with the other domains as well (sending a 1 time token via url if you must).

    And if THAT'S not an option, you might have to resort to username+pin, as browsers are getting stricter about cross-domain interaction.
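
Added example, not part of the answer above: a sketch of the one-time token handoff it mentions, written as an HS256 JWT that is bound to one target domain, expires quickly, and can be redeemed only once. The names `issue_handoff_token`, `redeem_handoff_token`, `SHARED_KEY`, `TTL_SECONDS` and the in-memory `_used_jti` set are assumptions made for illustration; a real deployment would keep the used-token list in a store both backends share.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

SHARED_KEY = secrets.token_bytes(32)  # assumption: secret known to both backends
TTL_SECONDS = 30                      # assumption: handoff must complete quickly
_used_jti = set()                     # stand-in for a shared store with expiry


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


HEADER = _b64(b'{"alg":"HS256","typ":"JWT"}')


def _sign(signing_input: str) -> str:
    return _b64(hmac.new(SHARED_KEY, signing_input.encode(), hashlib.sha256).digest())


def issue_handoff_token(user_id, audience, now=None):
    """Mint a short-lived, single-use JWT for one target domain."""
    now = int(time.time() if now is None else now)
    claims = {"sub": user_id, "aud": audience, "exp": now + TTL_SECONDS,
              "jti": secrets.token_urlsafe(16)}
    payload = _b64(json.dumps(claims, separators=(",", ":")).encode())
    return f"{HEADER}.{payload}.{_sign(HEADER + '.' + payload)}"


def redeem_handoff_token(token, expected_audience, now=None):
    """Return the user id once per valid token, otherwise None."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3 or parts[0] != HEADER:  # pin the algorithm, never trust "alg"
        return None
    signature_ok = hmac.compare_digest(
        _sign(parts[0] + "." + parts[1]).encode(), parts[2].encode())
    if not signature_ok:
        return None
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    claims = json.loads(base64.urlsafe_b64decode(padded))
    if claims["aud"] != expected_audience or now >= claims["exp"]:
        return None
    if claims["jti"] in _used_jti:  # replay: the URL may leak via history or Referer
        return None
    _used_jti.add(claims["jti"])
    return claims["sub"]
```

Because the token travels in a URL, the receiving domain should redeem it immediately, set its own session cookie, and redirect to a URL that no longer carries the token.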
