https://supertokens.com/ logo
Join Discord
Powered by
This is kind of my situation too... Isn't the poin...
# support-questions
d
This is kind of my situation too... Isn't the point of SSO to be able to login to multiple websites that have different domains? What exactly is ory hydra able to do that supertokens cannot? I have 3 sister websites with different domains. I'm looking to migrate part of their DBs to supertokens or ory in order to have SSO between them. But I still need to have it so that people have to actually register on each site to activate their profiles. Tho it should detect their username/email address when they've already signed up for one of the other sites.
r
Hey @derptacious
d
🙂
r
SuperTokens is not yet an OAuth provider. So for example, we don't have the authorisation code grant flow out of the box which is used to "transfer a session" across multiple domains.
However, that's only useful when you have one common login domain for all sites
In your case, since each site has it's own login, you don't need OAuth
And therefore, you can use SuperTokens on each site without any issues
In order to share the same user pool across all the sites, you can make each site connect to the same SuperTokens core.
About ease of use for us vs Ory, (i am of course biased), but its easier to make customisations on the backend APIs using SuperTokens as long as your backend is in node, golang or python. Have a look at our architecture page to get an understanding of how it all works
d
so each server would run its own supertokens service, and those services would somehow sync with each other, or one is a source of truth?
i would like to be able to shut down one server without people losing the ability to login to the others
each of the three sites is on a separate server
i could migrate them all to one server maybe... but im also curious about having the ability to not do that
r
Each site's backend would integrate with our backend SDK. The backend SDK would then talk to the SuperTokens core. The same SuperTokens core would be shared across all the backends
d
where is the supertokens core hosted?
r
> i would like to be able to shut down one server without people losing the ability to login to the others > each of the three sites is on a separate server This is possible
d
this is all 100% self-hosted as I understand it
r
> where is the supertokens core hosted? You can either self host it, connected to your own db. Or you can sign up on supertokens.com to get a managed core.
what kind of login method are you looking for?
email / password + social? Or something else?
d
zero social
we currently have username or email address in login field, plus password
r
d
but we will have to merge people's accounts across 3 sites into the auth provider we end up choosing
because many have already registered accounts (mostly using the same email address) across the sites
r
Yea.. since they will be sharing the same SuperTokens core, that can be done easily
And you can also add a username field to the login form and use that for login via some customisations.
d
so which of the 3 sites/servers would i host supertokens core on?
or could i host it on more than one and one is active/passive?
r
The supertokens core would just be a microservice that the backend of these sites would talk to
d
each site's stack is running in docker behind traefik btw
r
I suggest that you checkout https://supertokens.com/docs/emailpassword/architecture to understand how SuperTokens works
And then maybe it would be clearer
d
will do
any idea about xenforo integration?
r
That, i don't know much about.
But if you have any specific questions, I can help
d
ok thx
much appreciated
r
Well, it uses PHP
we don't have a PHP SDK
This means that you will have to spin up a node server which uses our node SDK for each of the three sites.
(node / python or golang)
d
I guess Ory has a PHP sdk tho
in order to talk to one xenforo instance?
r
Well yea.. but any customisation you want to make wouldn't really be in the PHP side.
> in order to talk to one xenforo instance? Yea. The frontend would query the node server for sign up / sign in / sign out etc.. and on sign in, it would create a session with a JWT. The JWT can be passed to the php backend APIs to auth your APIs.
d
ok i gotta look into how to do that with xenforo more
unfortunately it is the only decent forum software I've found these days
this infinite scroll crap and layout of discourse seems totally destructive to discourse. geeks adapt to it, but most don't
r
hmmm
Well, if you like, you can always book a call with us (from our site) to discuss this in detail. Would be happy to help
d
thanks when we get further along perhaps to verify our architecture is coherent. Thanks!
r
Sounds good!
PreviousNext
Powered by