Hello Auth0 Community,
Business Context
We are in the process of implementing the new universal login experience, and will need to support authentication for users originating in our application, as well as support authenticating users of our 3rd party clients apps as they login to our application. These 3rd party apps will have existing user accounts in their system, and they want to login to our application using those the same user account credentials.
Ideal User Flow Request by 3rd Party
The user will follow these steps:
- User logs into 3rd party clients app using 3rd party’s user credentials
- 3rd party’s IDP (which we must trust) authenticates user
- User lands on page/dashboard (user is still in their hosted site), which contains a link to go to our application
- User clicks link, and unbeknownst to them (behind the scenes), user is authenticated into our application with the 3rd party user’s credentials.
- User is redirected to our application lands on our apps home page authenticated
Note: client simply does not want their users to have to enter credentials twice in same flow.
Assumptions
- In order to setup our Auth0 application and connection (in the Auth0 dashboard) with the 3rd party, the 3rd party will need an identity provider that supports OIDC/OAuth 2.0, WS-Federation or SAML.
- We know we cannot share API keys directly with 3rd parties.
- We know we will need to have the trusted IDP authenticate the 3rd party user.
Question
Is there a feature/mechanism to initiate authentication without interaction from the user (no login screen/prompt)?
Thanks in advance for your help!!
Jeff