Symfony 4: Is actual SSO between multiple TLDs possible? [duplicate]

This question already has an answer here:

So I am trying to figure out whether I can create true SSO between the applications of my client. The applications are reachable through actual TLDs so not subdomains like app1.companyurl.com, app2.companyurl.com. There is a central identity server working with OAuth2. All works if I log in every application on it’s own, requiring the visitor to log in at every site separately. But now I want the visitors to be able to log in at companyapp1.com and be immediately recognized as logged in when they visit companyapp2.com. Is that possible?

With the subdomains I easily made it work by setting the cookie domain in the config. With TLDs in my tests the browser always changes the session id for every TLD. I want to know is there a way around this or just not, period in which case I don’t need to spend anymore time on this. If it is possible, do you maybe have a tip for me using Symfony 4 for all applications (including the central identity server using OAuth2)? Thank you in advance!

EDIT: I see in this thread Single Sign On across multiple domains in the answer from jason saldo that it just doesn’t work with cookies. The top rated answer doesn’t satisfy my condition of cross-tld. Is there any way to do this other than with cookies?

EDIT2: Ok, it has been pointed out to me that the highest rated answer in that thread can indeed solve the problem, it is just not written in a tld-scenario. I will try this with my applications.

Source: Symfony Questions

Was this helpful?

0 / 0

Leave a Reply 0

Your email address will not be published. Required fields are marked *