Integrate app1 vs auth0, app2 vs auth0

Someone help me. Can I make the system like below? I want to build a system that includes app1, app2 and auth0 integration like this:

  1. user login app1, if successful, app1 sends token1 to client and app1 also notify to auth0 that token1 is valid.
  2. User clicks a button on app1 to redirect to app2 (also pass token1 to app2 via header)
  3. at app2, after receiving token1, will send to auth0, auth0 will verify token1 and return success to app2.

Hi @max.nxb,

Welcome to the Auth0 Community!

There is no need to let Auth0 know that the token is valid in this scenario.

If app2 is another user-facing app (not an API) you should not pass the token between the apps. Tokens are generally intended for specific applications via the aud and azpclaims and should not be consumed outside of their respective applications.

Instead, you can use Single Sign-On to seamlessly authenticate the user in another application and let it retrieve it’s own tokens.

Let me know if you have any questions.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.