Support the ongoing development of Laravel.io →
mbardelmeijer
posted 9 years ago
Authentication Architecture
Last updated 2 years ago.
0
sisou
replied 9 years ago

What you try to build would undermine the basic security that is given by the internet: that websites on one domain cannot create/change/read cookies for other domains. So no. The user needs to login at every domain seperately. OAuth or API keys only give you access from one domain to values on another domain in the name of the user. However, the user still needs to be logged in at the other domain to give you access to it from the first domain.

Edit: Seems like what I say here only applies to cookie-based authentication. Wikipedia points to LDAP for use in SSO applications (https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol), but that is outside my horizon :P

Last updated 9 years ago.
0

Sign in to participate in this thread!

Eventy

Your banner here too?

mbardelmeijer mbardelmeijer Joined 7 Dec 2014

Moderators

We'd like to thank these amazing companies for supporting us

Eventy
Fathom
Forge
Envoyer
Beyond Code
BairesDev
Dotcom-monitor
N-iX

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

Laravel.io

Forum Articles Pastebin

Socials

X (Twitter) GitHub

The community

Laravel Laravel Laravel News Laravel News
Laracasts Laracasts Laravel Podcast Laravel Podcast
© 2024 Laravel.io - All rights reserved.
Terms of service Privacy policy Advertise