SSO with multiple domains

fileee Member
Problem description:
We have the situation that our product is whitelabeled on different domains.
origin.com
partnerA.com
partnerB.com
... are all hosting the same product/webapp of ours just with different colors etc.

Now if a customer goes to the account page on our webapp on partnerA.com and buys a 'premium' subscription, we open FoxyCart. We use the same store on partnerA.com as on origin.com (otherwise it gets way too complicated maintaining everything from shipping logic, over coupons, over XML datafeed handling).

The SSO endpoint of course is set to origin.com - but the user in this case is not logged in on origin.com, he is logged in on partnerA.com --> Meaning he needs to log in again and SSO does not work here as expected.

Question:
We could still use our endpoint on origin.com and check whether the user is logged in on partnerA.com for example - however in order for that to work we would need to know where the user came from when he opened the foxycart checkout.

Do you have an idea how to achieve that? Your documentation about the request body of the endpoint call does not mention anything that could help here.

We could maybe set a FoxyCart variable when the checkout is opened with the domain ("came_from"). However, how can we retrieve that? We have the fcsid, maybe by using that and making a call to FoxyCart?
Comments
  • fc_adam FoxyCart Team
    @fileee,

    Good question.

    If you're able to track where the customer has come from as part of their cart session with a hidden session attribute, you can fetch that using the fcsid and a request to the cart from your endpoint. We have an example of doing that in our example PHP SSO endpoint on our wiki: https://wiki.foxycart.com/integration/php/shared_authentication_example - note the commented out code which shows the cURL request.

    Does that help?
  • Hey Adam, hopefully. We will try this now. If you don't hear back from us, it means it works :)
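
An added example, not part of the thread and not FoxyCart's code: because a "came_from" session attribute is set in the customer's browser, an SSO endpoint should treat it as an untrusted hint and match it against a fixed list of whitelabel domains before deciding whose login session to check. The function names, the allowlist and the cart shape (`custom_fields` → `came_from` → `value`) are assumptions of this sketch; the cart is taken as already fetched and decoded.

```python
from urllib.parse import urlsplit

# Lowercased host -> spelling used in the post. The allowlist is an assumption.
ALLOWED_ORIGINS = {
    "origin.com": "origin.com",
    "partnera.com": "partnerA.com",
    "partnerb.com": "partnerB.com",
}
DEFAULT_ORIGIN = "origin.com"


def normalize_host(raw):
    """Return the lowercased hostname in `raw`, or None if it is unusable."""
    if not isinstance(raw, str) or not raw.strip():
        return None
    raw = raw.strip()
    # Accept a bare host ("partnerA.com") or an http(s) URL.
    candidate = raw if "://" in raw else "//" + raw
    try:
        parts = urlsplit(candidate)
        host = parts.hostname
    except ValueError:
        return None
    if parts.scheme not in ("", "http", "https") or not host:
        return None
    if parts.username is not None or parts.password is not None:
        return None  # userinfo such as "partnerA.com@other.example"
    return host.rstrip(".").lower()


def resolve_login_domain(cart):
    """Pick the domain whose login session the SSO endpoint should check."""
    fields = cart.get("custom_fields") if isinstance(cart, dict) else None
    entry = fields.get("came_from") if isinstance(fields, dict) else None
    raw = entry.get("value") if isinstance(entry, dict) else entry
    # came_from is set in the customer's browser, so it is only a hint:
    # anything outside the allowlist falls back to the default domain.
    return ALLOWED_ORIGINS.get(normalize_host(raw), DEFAULT_ORIGIN)


if __name__ == "__main__":
    # Constructed cart payloads, already decoded from JSON.
    for value in ("partnerA.com", "https://PartnerB.com/account",
                  "partnerA.com.evil.example", "https://partnerA.com@evil.example/"):
        cart = {"custom_fields": {"came_from": {"value": value}}}
        print(value, "->", resolve_login_domain(cart))
```

The returned domain only selects which session store to consult; the login check itself still has to happen server-side against that domain's session.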