Single Sign-On (SSO) into your WordPress and Multiple Applications using JWE Token in Cookie



    This feature lets you set up Single Sign-On (SSO) using a JWE token stored in a cookie. Your users can sign in to multiple applications without entering their credentials again. The one requirement is that all the applications are hosted on the same domain or subdomain, so that each application can fetch the existing cookie and use it to perform the login.


    How does it work?

    Let's say we have two applications, WordPress and Angular, hosted on mycompany.com and admin.mycompany.com respectively, and both applications share the same users. If user A logs in to the WordPress application, that user should be logged in to the Angular application automatically. We can achieve this with the following steps.

  • Step-1: A user visits the WordPress application and logs in with their credentials. While creating the user session, WordPress creates a cookie, which could be named mo_jwe_token, and stores the user's JWE token as its value.
  • We store a JWE token rather than a JWT in the cookie because, even if a hacker obtains the token, the JWE payload is encrypted, so the hacker won't be able to decrypt the user information.
  • Step-2: Because the Angular application is hosted on the subdomain (admin.mycompany.com), it can access the cookies of the main domain (the WordPress application). It checks whether the cookie is set and the JWE token is valid, then performs signature validation. If the signature is valid, it decrypts the JWE token, gets the user information, and creates the same user session on the Angular application.
  • Also, if the user logs out from either platform, we can remove or expire the cookie so that the user is automatically logged out on the other side.
  • Thus, we can easily establish SSO across multiple applications using the JWE token in the cookie, which is secure, and the cookie is easily shared between multiple applications if they are hosted on the same subdomain.
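
    Steps 1 and 2 above as an added Node.js example (not miniOrange's plugin code): a compact JWE using `dir` with `A256GCM`, chosen here because the page names no algorithms, where the AES-GCM authentication tag serves as the validity check. The function names, the shared 32-byte key and the cookie attributes are assumptions, and decryption is assumed to run on the server side of the second application, since it needs the key.

```javascript
// Added example: compact JWE (alg "dir", enc "A256GCM") in a parent-domain cookie.
const crypto = require('crypto');

const b64u = (buf) => Buffer.from(buf).toString('base64url');

// Step 1 (issuing application): encrypt the claims into a five-part compact JWE.
function issueJwe(claims, key) {
  const header = b64u(JSON.stringify({ alg: 'dir', enc: 'A256GCM' }));
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(header, 'ascii')); // header is authenticated, not encrypted
  const ct = Buffer.concat([cipher.update(JSON.stringify(claims), 'utf8'), cipher.final()]);
  // "dir" carries no encrypted key, so the second part stays empty.
  return [header, '', b64u(iv), b64u(ct), b64u(cipher.getAuthTag())].join('.');
}

// Cookie scoped to the parent domain so admin.mycompany.com receives it too.
// Attribute choices are assumptions of this example.
function sessionCookie(token, maxAgeSeconds) {
  return `mo_jwe_token=${token}; Domain=mycompany.com; Path=/; Max-Age=${maxAgeSeconds}; Secure; HttpOnly; SameSite=Lax`;
}

// Step 2 (consuming application): find the cookie, authenticate, decrypt, check expiry.
// Returns the claims, or null so the caller falls back to a normal login.
function readJweCookie(cookieHeader, key, now = Math.floor(Date.now() / 1000)) {
  const m = /(?:^|;\s*)mo_jwe_token=([^;]+)/.exec(cookieHeader || '');
  if (!m) return null;
  const parts = m[1].split('.');
  if (parts.length !== 5 || parts[1] !== '') return null;
  try {
    const [header, , iv, ct, tag] = parts;
    const h = JSON.parse(Buffer.from(header, 'base64url').toString('utf8'));
    // Pin the algorithms; never let the token choose them.
    if (h.alg !== 'dir' || h.enc !== 'A256GCM') return null;
    const tagBuf = Buffer.from(tag, 'base64url');
    if (tagBuf.length !== 16) return null; // reject truncated tags
    const d = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(iv, 'base64url'));
    d.setAAD(Buffer.from(header, 'ascii'));
    d.setAuthTag(tagBuf);
    const pt = Buffer.concat([d.update(Buffer.from(ct, 'base64url')), d.final()]);
    const claims = JSON.parse(pt.toString('utf8'));
    return typeof claims.exp === 'number' && claims.exp > now ? claims : null;
  } catch {
    return null; // tampered token, wrong key, or malformed input
  }
}
```

    Logging out on either side corresponds to re-sending the same cookie name, Domain and Path with Max-Age=0, after which readJweCookie returns null on the next request.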

    Use Case: Allow Single Sign-On (SSO) into multiple applications with existing cookies:


  • Suppose the users are stored in an Identity Provider (IdP), say miniOrange, and two applications need to perform SSO using the user identity stored in the IdP. If a user has already authenticated with the IdP in one application and a user session has been created, the user should be logged in to the other application automatically as well.

  • We can easily achieve this scenario using the SSO with JWE token in cookie solution.



Need Help?

Mail us at oauthsupport@xecurify.com for quick guidance (via email/meeting) on your requirement, and our team will help you select the most suitable solution/plan for it.
