Single Sign-On (SSO) into your WordPress and Multiple Applications using JWE Token in Cookie
This feature allows you to set up Single Sign-On (SSO) using JWE Token in Cookie. You can allow your users to perform Single Sign-On (SSO) into multiple applications without entering the credentials again. This solution requires one condition that all the applications should be hosted on the same domain or subdomain so that by fetching existing cookies this can perform the login.
How it works?
Let say we have two applications WordPress and Angular which is hosted on the mycompany.com and admin.mycompany.com respectively, now the users between both the applications are common so If a user A log in into the WordPress application then It should be automatically logged in into the Angular application. We can achieve this by following steps.
- Step 1: A user visits the WordPress application and logs into it with his credentials, while creating the user session the WordPress will create a cookie which the name could be mo_jwe_token and in its value WordPress will store the JWE token of the user.
We are storing JWE token instead of JWT token in the cookie because even if the hacker was able to obtain the token, the payload of JWE will be encrypted. So hacker won’t be able to decrypt the user information. - Step 2: As the other Angular application is hosted on the subdomain (admin.mycompany.com) It can access the cookies of the main domain (WordPress application). It will check if the cookie is set and JWE token is valid then It will perform some signature validation. If the signature is valid It will decrypt the JWE token and get the user information and create the same user session on the Angular application.
Also, If the user logs out from any one platform we can remove the cookie or expire the cookie so that on the other side It will be automatically log out.
Thus, we can easily establish the SSO into multiple applications using the JWE token into the cookie, which is secure and the cookie is easily shareable between multiple applications if they are hosted on the same subdomain.
Below are the scenarios in which your use case can fall -
1. Allow Single Sign-On (SSO) into multiple application with existing cookies
- Suppose the users are stored in an Identity Provider say miniOrange and in two applications we need to perform the SSO from the user identity which is stored in the IDP, but if a user is already authenticated with IDP into any application and user session is created then It should be automatically logged in into another application as well.
We can easily achieve this scenario using the SSO with JWE token in the cookie solution.
Recommended Plugins
Download the below miniOrange SSO plugin for Single Sign-On (SSO) into your WordPress and Multiple Applications using JWE Token in Cookie.
Recommended for JWT Single Sign On
WordPress Login and Register using JWT plugin allow you to login into the WordPress application using the JWT token(JSON Web token) from any other WordPress site. [24/7 SUPPORT]
Recommended for OAuth / OpenID Connect Single Sign On
WordPress Login ( SSO ) with Azure AD, Azure B2C, AWS Cognito, Okta, Ping, Clever, WSO2, Onelogin, Keycloak, many OAuth & OpenID Providers [24×7 SUPPORT]
Additional Resources
Mail us on oauthsupport@xecurify.com for quick guidance(via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.
Need Help? We are right here!
