mayankgopronto
12/16/2022, 12:29 PM
api.xxx.com and the front end websiteDomain is identity.xxx.com, but because we have a use case where we need to support custom domains, and the application will be running on yyy.com. I am using jackson using a custom provider to do SAML SSO. What would be the best way to handle this? I know we can set the access token in a custom header and store it in the local storage, but I am not a fan of that approach.
nkshah2
12/16/2022, 12:33 PM
api.yyy.com to point to api.xxx.com. But if you can't do this, the problem would be that the normal setup won't work with Safari because it blocks third-party cookies.
mayankgopronto
12/16/2022, 12:44 PM
.xxx.com right? So how will pointing api.yyy.com to api.xxx.com help? How is api.yyy.com used?
nkshah2
12/16/2022, 12:45 PM
rp
12/16/2022, 12:48 PM
mayankgopronto
12/16/2022, 3:38 PM
yyy.com
2. On click of "Login" button on yyy.com, the user gets redirected to identity.xxx.com
3. User enters his email, gets redirected to his SAML IdP, completes the authentication and comes back to identity.xxx.com.
4. At this point, when redirecting back to yyy.com, you suggest that I send the jwt in the query string?
5. After coming back to yyy.com, a request is made to api.yyy.com and the jwt is verified and a new session is created with a new access and refresh token.
identity.xxx.com and here we use the supertokens' frontend sdk. Do you suggest we use the sdk on yyy.com also? For session management? Although no real authentication will happen on yyy.com
rp
12/16/2022, 4:18 PM
mayankgopronto
12/16/2022, 5:44 PM
rp
12/16/2022, 5:48 PM