So we have a main web application which implements its own authentication & identity system (Rails + devise). And we’re developing a new service which is embedded into the main web app. This service needs to talk to an API backend which uses Auth0. And slowly we will be migrating our main web application to Auth0 as well.
But during this transition phase, we know that the user is logged into main application when they are accessing the new service via an iframe. Is it possible to generate JWT for the user so they get logged into the new service automatically?