Advice on Single Sign On (SSO) MVP help- Urgent[SOLVED]

Currently we have two apps running (accounts) and the other app .We implemented SSO with iframe postmessage. All works well . Except Apple users have to Disable ‘Prevent cross site tracking’ for them to login without Issues .
We have different ideas around this.

  1. OAuth. But it’s and MVP. They are both ours. so it doesn’t really make sense .
  2. So take a look if I have login on ,get the token and redirect to , call Meteor.loginWithToken with that token
    Second choice is just sad because some that sniff that token

What would you suggest ?

to have an idea of what’s this mess is all about


Add a field for each user account, which you can pass in the url and query the user e.g. random id. Get the active logintoken using that random id and then update that field with a new random id. So you are sure that each id is only used once. Then login the user using the login token

1 Like

What we are thinking of is quite similar. Thanks!

We thought of a Collection of nonce . That will be associated with each login activity

FYI – some SSO products, like Microsoft’s ADFS which is SAML, will not run inside an iframe.