Luke Lee

Reputation: 149

SSO for Laravel 5.3 Passport

I am very new to Laravel 5.3 Passport (OAuth2 server).

Please let me know if this kind of job is available.

Suppose there are 4 servers (apps):

1. Laravel Passport for authentication (App01, App02, App03, App04)
2. App01
3. App02
4. App03

Step 1 through Step 4 are sequential; please let me know whether all of this processing is available using Laravel Passport.

1. User John Doe accesses and logs in to App01. Laravel 5.3 Passport creates an authentication token for him.
2. User John Doe accesses App02 and is logged in automatically (SSO).
3. User John Doe accesses App03 and is required to enter an ID and password; he manually inputs the ID and password, the same for App02 and App03, and logs in successfully.
4. When the user logs out, all the apps (App02, App03) are logged off.

Thank you for your precious reply.

Upvotes: 9

Views: 1827

Answers (1)

Denis Mysenko

Reputation: 6534

It sounds like you should make your App01 an identity provider (OAuth server), and App02, App03 and App04 will redirect to App01 to get a short-lived token. So these three apps must have OAuth client functionality - being able to

You are looking at OAuth2 Authorization Code flow: https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2

If you could live without requirement number 4 - logging out everywhere simultaneously, you could just rely on JWT tokens' embedded data.

Every JWT token issued by your App01 (Laravel Passport) already includes information like user ID and token expiration. Moreover, if you add your App01's public key on App02, App03 and App04, they can be 100% sure the token is valid - no requests to App01 necessary. But if the user logs out on App01 later on, there is obviously no way to say it happened.

Upvotes: 7
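The local check described in the answer above, as an added example (not code from the answer or from Laravel Passport): a client app verifies a token's signature with the issuer's public key and checks its expiry without calling App01. It assumes RS256 signing and the standard `sub` and `exp` claims, uses plain PHP with the openssl extension, and the key pair, claim values and helper names are constructed for the demo.

```php
<?php
// Added example. Names, claims and the key pair are constructed for the demo.
function b64url_encode(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}
function b64url_decode(string $txt) {
    $padded = $txt . str_repeat('=', (4 - strlen($txt) % 4) % 4);
    return base64_decode(strtr($padded, '-_', '+/'), true); // false on bad input
}

// Runs on App02/App03/App04: no request to App01, only its public key.
function verify_token(string $jwt, string $publicKeyPem, int $now): array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) {
        throw new RuntimeException('malformed token');
    }
    [$h64, $p64, $s64] = $parts;
    $header = json_decode((string) b64url_decode($h64), true);
    // Pin the algorithm; never let the token choose how it is verified.
    if (!is_array($header) || ($header['alg'] ?? null) !== 'RS256') {
        throw new RuntimeException('unexpected alg');
    }
    $sig = b64url_decode($s64);
    if ($sig === false
        || openssl_verify("$h64.$p64", $sig, $publicKeyPem, OPENSSL_ALGO_SHA256) !== 1) {
        throw new RuntimeException('bad signature');
    }
    $claims = json_decode((string) b64url_decode($p64), true);
    if (!is_array($claims) || (int) ($claims['exp'] ?? 0) <= $now) {
        throw new RuntimeException('expired or missing exp');
    }
    return $claims;
}

// Constructed stand-in for App01 issuing a token with its private key.
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$publicPem = openssl_pkey_get_details($key)['key'];
$now = time();
$head = b64url_encode(json_encode(['typ' => 'JWT', 'alg' => 'RS256']));
$body = b64url_encode(json_encode(['sub' => '42', 'exp' => $now + 300]));
openssl_sign("$head.$body", $signature, $key, OPENSSL_ALGO_SHA256);
$jwt = "$head.$body." . b64url_encode($signature);
$forged = $head . '.' . b64url_encode(json_encode(['sub' => '1', 'exp' => $now + 300])) . '.' . b64url_encode($signature);

// A logout on App01 is invisible here: the token keeps verifying until exp.
echo 'valid at +299s for user ', verify_token($jwt, $publicPem, $now + 299)['sub'], "\n";
foreach (['expired' => [$jwt, $now + 301], 'forged' => [$forged, $now]] as $case => [$t, $at]) {
    try { verify_token($t, $publicPem, $at); echo "$case: accepted\n"; }
    catch (RuntimeException $e) { echo "$case: rejected ({$e->getMessage()})\n"; }
}
```

The only thing that ends the token's validity on the client apps is `exp`, so the token lifetime bounds how long a session can outlive a logout on App01.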
