Any standard way to do full cross-domain authentication with trusted third party web applications?
Let's say I run example.com and 3rd-party.com is a trusted partner. Sometimes I want to send my users to 3rdparty.com letting this site know who the user is (by providing a user ID) so that no user action is required . Is there a way to do this with a (open) standard (like OAuth, OpenID)?
After spending a few hours researching the various options, I can tell that many are doing similar things, but not exactly what I want to do here:
- Skip any user prompts. Third party app authentication should be smooth.
- The user's journey begins on example.com, not part three.
- I need to embed a third party web app in an iframe.
- I also need to redirect the user to a third party application.
Note that I am looking for options that will rely entirely on standards, preferably open source. I already have several custom solutions, if there is no way to do it with standard technology.
+3
source to share
No one has answered this question yet
Check out similar questions: