locked
SSO for two websites using Forms Authentication RRS feed

  • Question

  • User-29703693 posted

    I currently have a web site built with web forms that uses Forms Authentication (website 1).  I'm looking to create a .NET 5 web application that will reside on the same server (website 2).  Users will only use website 1 to sign in.  What is the best way to automatically sign them into website 2 when they sign into website 1?  

    Also, say website 1 has the url example.com.  Can website 2 use the same url and just use a different port, or should I set up a subdomain name app.example.com?  

    Saturday, November 14, 2020 3:32 PM

Answers

  • User475983607 posted

    I currently have a web site built with web forms that uses Forms Authentication (website 1).  I'm looking to create a .NET 5 web application that will reside on the same server (website 2).  Users will only use website 1 to sign in.  What is the best way to automatically sign them into website 2 when they sign into website 1?  

    .NET 5 does not use Forms Authentication.  You'll need to come up with a different approach.  Typically SSO uses OAuth/OIDC these days.  

    Also, say website 1 has the url example.com.  Can website 2 use the same url and just use a different port, or should I set up a subdomain name app.example.com?  

    The flow is more complex than you realize.  At least learn how the OAuth/OIDC flows works.   That should help you understand the problem you are trying to solve.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Saturday, November 14, 2020 4:14 PM