I have two domains using the same Firebase backend instance. We are using Firebase Email & Password auth only (we have no backend). Is it possible to allow users to roam between domains without forcing them to log in again? One thought is that when a logged-in user is redirected to the other domain, we pass the JWT in the URL, then use it to automatically log in on the other domain. Would that be workable? Are there any security concerns there?
JWT tokens that Firebase generates are specific to that Firebase app, but not specific to any domain. So as long as you use a secure way to pass the token from page to page, you can re-use them.
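One way to handle the receiving side of such a hand-off, as an added example that is not part of the original answer: the token is read from the URL fragment (which is not sent to the server or in `Referer` headers), stripped from the address before anything else runs, and rejected unless its claims name this Firebase project and are unexpired. The project ID `my-project`, the `#idToken=` parameter name, the domain and all function names are assumptions; the signature is not verified here, so this only filters tokens, it does not authenticate them.

```javascript
// Added example. PROJECT_ID and the "#idToken=" fragment name are assumed placeholders.
const PROJECT_ID = "my-project";

// Decode one base64url JWT segment into an object (works in browsers and Node 16+).
function decodeSegment(seg) {
  const b64 = seg.replace(/-/g, "+").replace(/_/g, "/");
  const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
  const bytes = Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

// Pull the token out of the fragment and return the URL with it removed.
function extractHandoffToken(href) {
  const url = new URL(href);
  const params = new URLSearchParams(url.hash.slice(1));
  const token = params.get("idToken");
  params.delete("idToken");
  url.hash = params.toString(); // an empty string drops the "#" entirely
  return { token, cleanedUrl: url.toString() };
}

// Claim checks only: RS256 header, aud/iss bound to this project, exp in the future.
function checkIdTokenClaims(token, projectId, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = (token || "").split(".");
  if (parts.length !== 3) return { ok: false, reason: "not a JWT" };
  let header, claims;
  try {
    header = decodeSegment(parts[0]);
    claims = decodeSegment(parts[1]);
  } catch (e) {
    return { ok: false, reason: "undecodable" };
  }
  if (!header || !claims) return { ok: false, reason: "undecodable" };
  if (header.alg !== "RS256") return { ok: false, reason: "unexpected alg" };
  if (claims.aud !== projectId) return { ok: false, reason: "wrong audience" };
  if (claims.iss !== `https://securetoken.google.com/${projectId}`) return { ok: false, reason: "wrong issuer" };
  if (typeof claims.exp !== "number" || claims.exp <= nowSec) return { ok: false, reason: "expired" };
  return { ok: true, uid: claims.sub };
}

// Constructed sample token: real claim layout, dummy signature, fixed clock.
const enc = (o) => btoa(JSON.stringify(o)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const sampleToken = [enc({ alg: "RS256" }), enc({ aud: PROJECT_ID, sub: "uid123", exp: 2000000000,
  iss: `https://securetoken.google.com/${PROJECT_ID}` }), "sig"].join(".");

function demo() {
  const { token, cleanedUrl } = extractHandoffToken(`https://b.example/app#idToken=${sampleToken}`);
  // In a browser, call history.replaceState(null, "", cleanedUrl) here, before any other script runs.
  return { cleanedUrl, result: checkIdTokenClaims(token, PROJECT_ID, 1700000000) };
}
```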