Using SSO with multiple apps behind a reverse proxy

Total beginner question, but here goes. I have one app at www.example.com. When someone browses there, they hit nginx acting as a reverse proxy. Any URL that starts with /app gets proxied through to a custom web app at app.example.com. Any other request gets proxied through to cms.example.com. Both the app and cms portions of the app have protected content, so a user needs to be authenticated with each. Naturally, I want a user to have to log in once and then be authenticated with both apps. Here are my questions:

1. Since both the app and cms sites live at the same root domain (example.com), I can share cookies between them. Does this make something like Auth0 overkill? Would there be a simpler way to get what I want?

2. If Auth0 is a good fit, can someone point me to some good resources to get started? I’ve used SSO in the past from a federated identity perspective, but not as a true single sign-on solution, so I’m starting from a bit of a dead stop.

Thanks in advance.

Hey there @emarthinsen and welcome to Auth0’s Community! I would be happy to help!

It’s not overkill at all!

Below I have listed some of our documentation on SSO and universal login as I feel like it’s a great asset to your scenario. When you get a chance do you mind sharing some more details on your stack? Thanks in advance!

Thanks @James.Morrison! I’ll give these docs a read.

To answer your question, the cms site is built on Craft CMS and the app site is built on Elixir using the Phoenix framework.

I wanted to touchbase @emarthinsen and see if you had any additional questions on this front? Thanks!

Thanks @James.Morrison. I still have some docs to dig through, but I think it’s pretty clear.

No problem, happy to help!