We have a variety of systems (shop, normal website, forum, helpdesk) and want to implement Single Sign On.
The example "GitHub - auth0-samples/auth0-php-web-app: Auth0 Integration Samples for PHP Web Applications" works great on our system. A user can register, log out, and log in when he returns.
The user is also known when login is performed on another of our systems.
The only thing we have trouble with is the Single Sign On. Once a user is logged in to the shop, he is not logged in to one of the other systems.
I have read the article about JSON-web-tokens.
Sounds great, but they say “when the user successfully logs in using their credentials, a JSON Web Token will be returned”.
OK, in my example, the JWT will be returned to the shop. But how does the other system get the JWT?
So I searched the site for single sign on and found
There I read:
“Your application redirects the user to the login page.
Auth0 checks to see whether there is an existing SSO cookie.”
But even if the user has logged in before, he is redirected to the login site once again.
Can anyone help us please?