Background

I have a web application "APP1" (front-end: Vue.js & Back end:Azure function) deployed in azure app service. I have implemented client directed sign in (easy auth using this), after that I can authenticate user using provider's sign in page [both AAD & google].

Target

I have another web application "APP2" deployed in on-primes server. I want to redirect to APP1 from "APP2" and automatically sign in without provider's sign in page. I will read credentials from environment variable.

Tried solutions

• I have found a similar issue here, however I am unable to use the solution because the DB between AAP1 and AAP2 can't be shared
• I have also checked the google identity providers documentation, however I am unable to find how to programmatically sign in without provider's sign in page

Question

1. Is it possible to programmatically sign in to google identity to get token without provider's sign in page

CodePudding user response：

The whole point of google identity is to prove the identity of the person behind the machine.

OpenID Connect is an open standard that companies use to authenticate (signin) users. IdPs use this so that users can sign in to the IdP, and then access other websites and apps without having to log in or share their sign-in information. (id_token)

OAuth 2.0. This standard provides secure delegated access. This means an application created by a developer, can take actions or access resources from a server on behalf of the user, without them having to share their credentials (login and password). It does this by allowing the identity provider (IdP) to issue tokens to third-party applications with the user’s approval. (access_token, refresh_token)