Authenticate to all Applications associated with API

I have multiple applications associated with one API.

The idea we have multiple microservices running on same domain but on different sub directory
For example:

I have a separate application for users to sig in, however after they navigate to application2 I want to issue tokens for that application from Application2, however, when I do that I get another sign page for that specific application.

Is it possible to sign in into all Applications associated with an API so that users only sign in once and will be able to issue tokens from that API just from different applications?

Right now I get redirected from authorize end point into login

Hi @kkulakou,

Typically you use Single Sign-On to authenticate between applications. You can make a silent call to authorize and retrieve a fresh set of tokens from any of your apps if you are using this approach.

What do you mean by silent call? Also how do I set up my tenant to have SSO with multiple clients?

Based on this This Documentation silent authentication will bring me access token in a call back URL without a refresh token. Am I missing something?

A silent call uses an existing cookie session to authenticate without user interaction. SSO should be enabled by default.

Getting a refresh token depends on what type of application you are using. Can you share more details about your applications?

@dan.woda thank you for been very helpful.

I have multiple web applications and one of the application is an authorization server that passes access to all other applications/clients.

I figured this out, I have to enable same database connections to other clients in order to grant access and refresh tokens from sub clients.

1 Like

Thanks for the update!