Single Sign-on

Provide a seamless user experience across multiple products with the single sign-on feature.

Single sign-on (SSO) is defined as login once, logged in all apps. If you have multiple mobile apps or websites that use the same Authgear project. You can configure your apps to turn on the SSO feature, so the end-users only have to enter their authentication credentials once.

If you are building cookie-based websites with the same root domain (e.g. app1.example.com / app2.example.com), you can skip this section. Sessions are shared among *.example.com automatically, see detail.

If you are building token-based websites or mobile apps, you can enable the SSO feature via the SDK.

When SSO-enabled is ON, the end-user will need to enter their authentication credentials when they login to the first app. Later on, when they login to the second app, they will see a continue screen so that they can log in with just a click, without authenticating themselves again.

It is important that when the SSO feature is ON, don't set the prompt parameter when authenticating (e.g. prompt=login). Otherwise, the end-user will need to login again.

When the end-user logout the SSO-enabled app, all the apps will be logged out at the same time.

You can turn on this feature when you configure the SDK by setting the is sso enabled option to true.

authgear.configure({
    clientID: CLIENT_ID,
    endpoint: ENDPOINT,
    sessionType: "refresh_token",
    isSSOEnabled: true,
});

Last updated

#236: add import user api doc

Change request updated