Hello Community
My company and I are currently looking for an Auth0 expert/consultant to help to connect our two application to Auth0 API.
We already reported the issue and ask Auth0 for help without success, so we hope there’s an expert in the community willing to help us.
We are trying to find an expert to help.
If you already have past experience connecting Auth0 to different kind of applications (and sharing tokens/session accross the apps), would you mind please to contact us to help us solve the issue ?
You can contact us at it-phoenix@photoweb.fr
You’ll find below more information about our implementation details !
Many thanks in advance.
Regards
We have two systems:
- A Magento (PHP) e-commerce platform (signup and signin functions)
- An Angular SPA application where the logged in user is redirected by Magento
The user logs into the e-commerce chooses a product and is redirected to the Angular App.
The two application are using differents URL/Domains (let’s say magento-shop and angular-customapp)
We have been using the universal login to authenticate the user for the last year, it was just working fine:
e-commerce platform (domain 1) > Auth0 custom domain login page (domain 2) > Angular Application (domain 3)
The first step is on the e-commerce and the Angular SPA is just to validate if the user is still authenticated, it uses the auth0 silent authentication and works properly.
Due to some business specific requirements (embed signup form into landing pages, have a password strengh level indicator as you enter a password), we decided to create our own login page and use the PHP SDK to do the integration.
The e-commerce is using the SDK in its latest version available here: auth0-PHP/README.md at main · auth0/auth0-PHP · GitHub
The angular SPA is still using the angular version available in npm: auth0/auth0-angular
After that change, Magento/PHP side, we can log in and log out from Auth0 using email and password, and access the e-commerce dashboard.
However, when I try to go to the Angular SPA URL, authentication is not working, the silent authentication returns an error, the log description shows “Login required” and the type is “Failed Silent Auth”
If I do some extra test PHP side, we are able to receive the token and all the user information, when I check if the user is authenticated following the documentation approach: auth0-PHP/README.md at main · auth0/auth0-PHP · GitHub
$session = $auth0->getCredentials();
if ($session !== null) {
// The user is signed in.
}
It is not null, I have all the information.
To do the login, I am using:
$auth0->authentication()->login($email, $password, $realm);
It performs authentication successfully.
The SdkConfiguration has all the required information such as domain, clientId, clientSecret, audience, scope, etc.
Is there something missing to allow silent authentication on the second system/domain to work as it was working with the universal login ?
There was no change in the second system.
We of course declared and configured two applications in Auth0 dashboard
Version: Angular - @auth0/auth0-angular - v1.3.1 PHP - SDK - v7.4 - Universal Login working PHP - SDK 8.0 - - Custom Login not working