Total beginner question, but here goes. I have one app at www.example.com. When someone browses there, they hit nginx acting as a reverse proxy. Any URL that starts with /app gets proxied through to a custom web app at app.example.com. Any other request gets proxied through to cms.example.com. Both the app and cms portions of the app have protected content, so a user needs to be authenticated with each. Naturally, I want a user to have to log in once and then be authenticated with both apps. Here are my questions:
Since both the app and cms sites live at the same root domain (example.com), I can share cookies between them. Does this make something like Auth0 overkill? Would there be a simpler way to get what I want?
If Auth0 is a good fit, can someone point me to some good resources to get started? I’ve used SSO in the past from a federated identity perspective, but not as a true single sign-on solution, so I’m starting from a bit of a dead stop.
Hey there @emarthinsen and welcome to Auth0’s Community! I would be happy to help!
It’s not overkill at all!
Below I have listed some of our documentation on SSO and universal login as I feel like it’s a great asset to your scenario. When you get a chance do you mind sharing some more details on your stack? Thanks in advance!