SSO with Login API
-
We have a use case where we have a single entry point that our users would log into and then select an application from a list to which they would be (automatically) logged into it.
The general idea is that the first login would be done through the existing Login API (/api/login). Any subsequent "logins" (ie: the automatic login when you click on app in the list) would make the necessary calls to take the token from the login essentially use it for the life cycle of that app (or some logical equivalent).
Is there an appropriate way to manage an SSO scenario without the need of the oauth flow (which we are not currently using)? Is there a way to utilize the client library to swap an existing token for a token from a different app? Trying to figure out the best way to explain this.
-
Please also note - We are currently logging in with a custom UI that is not related to the FusionAuth instance. We're just utilizing the APIs to simulate that login.