Any standard way to do full cross-domain authentication with trusted third party web applications?

Let's say I run example.com and 3rd-party.com is a trusted partner. Sometimes I want to send my users to 3rdparty.com letting this site know who the user is (by providing a user ID) so that no user action is required . Is there a way to do this with a (open) standard (like OAuth, OpenID)?

After spending a few hours researching the various options, I can tell that many are doing similar things, but not exactly what I want to do here:

  • Skip any user prompts. Third party app authentication should be smooth.
  • The user's journey begins on example.com, not part three.
  • I need to embed a third party web app in an iframe.
  • I also need to redirect the user to a third party application.

Note that I am looking for options that will rely entirely on standards, preferably open source. I already have several custom solutions, if there is no way to do it with standard technology.

+3
authentication cross-domain single-sign-on federated-identity


source to share


No one has answered this question yet

Check out similar questions:

42
REST Web Services Authentication
4
Provide an authorization code and password resource for trusted applications
3
How to perform SAML-based cross-domain authentication / trust
2
Using Coldfusion Session ID for SSO Authentication
2
Cross-domain authentication cookie iframe
2
Javascript: cross-domain AJAX for third party service
1
3rd party JWT validation for non-JWT secrecy authentication
0
OAuth 2.0 + OpenID for connect authentication
0
Automatic user authentication in web applications using Okta + SAML
0
Custom resource access through daemon using OpenID



All Articles
Loading...
X
Show
Funny
Dev
Pics