I would like to create multiple applications, each application representing a company. A user should be able to have an account on multiple applications (multiple companies). Note: the applications are an SPA and one mobile application (Flutter).
First question: is the design OK so far? Like having an application per company.
I already know (with the FusionAuth API) how to register to multiple applications (multiple API calls).
The real shadowed part here is how to log in to multiple applications. In fact, the login API requires one applicationId parameter. Before the API login request, I fetch from my datasource the application the user is in (it will be an array later I guess), then pass it to the /api/login endpoint. It returns a refresh_token and an access_token. So far, so good.
When dealing with multiple applications, I don't really see how to manage all these login API responses. Would I have to manage n number of refresh_token pairs? I'd prefer the user to log in only once and then he could access all the different FusionAuth Applications. So I guess it's the best design, but it's annoying to manage this n token complexity.
Is there a better way to achieve this?
Thanks in advance,