How to share an authorization token and stay safe?

ramjke · September 8, 2020, 7:00am

Hello Community.
I need an advice. What is the safest and easiest way to share a Discourse auth token ("_t" cookie) with another app on another domain?

I want to use the Discourse as a backend for Nuxtjs app.

fzngagan · September 8, 2020, 8:27am

This will help for sure.

ramjke · September 8, 2020, 9:13am

I’m sure it will help, but it didn’t answer my question.

fzngagan · September 8, 2020, 9:15am

I think you need to check how the user api authenticates to discourse. You’ll need to replicate the logic the official app uses. Cookies aren’t the way to go IMHO.
https://github.com/discourse/DiscourseMobile

Topic		Replies	Views
How can I authenticate 3rd party website using discourse? support	2	637	February 24, 2022
Setting the session token '_t' on the entire domain, not just my subdomain dev	6	5095	May 1, 2016
Can I use the Discourse API to authenticate users in another app? sso	17	1591	July 1, 2023
Discourse login by cookie token sso	2	1043	May 23, 2022
Mobile App auth - doesn't work support discourse-hub	5	347	October 5, 2022

How to share an authorization token and stay safe?

Related Topics