SSO plugin choice

julian, so there is no way to refresh token?

julian, thanks, I’ve read it before. But my IdP(identity provider) can send cookies as response and this cookies can be shared through domain, therefore user will be signed in on my forum.

Also, could you please clarify, there is no mechanism to refresh this cookie? As I know it is considered a best practice to have access token (short life-span) and refresh token (long life-span)

julian, Did I understand you correctly, that I can send cookie from my IdP and this cookie, if it has encoded inside email and id of the user from nodebb database, will be matched by session plugin, therefore the user will be signed in?

Also, could you please clarify, there is no mechanism to refresh this cookie? As I know it is considered a best practice to have access token (short life-span) and refresh token (long life-span)

Thanks for the answer, I have connected my own idp and it required just a little change in my code (adding displayName for /userinfo endpoint), the result was achieved much faster and better than with fusion auth solution.

I’ve read also about session-sharing, however, I am not sure that I’ve understand it fully. I’ll be very grateful, if you could answer my questions

1. So, if I am sharing a cookie between my subdomains(for example: forum.example.com(nodebb app) and articles.example.com), it has a domain name of example.com, how forum.example.com will understand that this is exactly this user from the database? Does this user required to log in for first time, therefore, its id from my sso database is shared to nodebb database?
2. Also, if the cookie is taking a role of access token ( 15m lifespan ), can I share a refresh token to refresh it somehow?

Hello everyone, right now I am working on adding SSO authentication to my nodebb forum. I have chosen plugin from fusion auth for that, however, during the development I’ve faced a lot of issues and undefined behaviour. Maybe, it is my fault, but I still want to ask more experienced guys for an advice.

1. What plugin is being used right now for SSO in case if I build my own identity provider?
2. I want to implement auth cookies share between subdomains, I’ve tested it with playground apps, however, I am not sure, will be it working with the nodebb?