Topics created by stunny

I'm also facing the same issue. When someone send me email. I am totally unable to get it in my inbox or spam folder. What is the appropriate solution to come out from it.

@dan But is it possible to initiate the FA session?

Custom form is used for registration, it's on a separate page than the actual application (X). Let's say after the registration I get the token from FA on the server side. I can send it back to the client side and save it there. This way, when the user visits login page, I'm able to send the token to the server and from there to FA for checking.

But what if there's a second separate application (Y). In this app user tries to login, gets redirected to the FA login page. However, he's not recognized by FA here and is asked to enter his password.

I've read and tested your SSO example app, but it doesn't answer my case. Is it possible to do so that FA recognizes user when he is redirected from application Y after registration in application X's custom form? Thanks

What do you mean by 'user logs into desktop application'? How would you like to implement it?
If you implement step 1. as I've described in my previous post (by opening the browser window to log the user in) then there will be an SSO session in the browser already.
This is the flow that OAuth specs define for native applications, eg. desktop ones: https://datatracker.ietf.org/doc/html/rfc6749#section-9

This means that in step 3. when the browser is opened, the user is already authenticated.