Share sessionToken between two apps

Hello,

We have an application that contains two types of users and two applications: Service provider and Customer, since there is the possibility of having a single (User) account for both. The problem we face is the login to the service provider application and shortly thereafter the login to the customer application, or the sessionToken to the service provider application is invalid.

What to do?

I have a similar use case.
App A has admin users
App B has standard users

My solution: Parse custom Auth on App B
Doc: https://docs.parseplatform.org/parse-server/guide/#custom-authentication
Implementation:

  • User on App A asks for a special token (in my case a JWT that contains his user id)
  • User is redirected to a special page on App B that uses loginWith with the custom auth and the token
  • App B checks the JWT with the custom auth validateAuthData
  • User is created/updated by Parse based on the authData id
  • I add a beforeHook on user to add it to the role Admin, for example
  • User of App A is now logged in to App B

Note: App A can be any backend
It’s like an internal OAuth
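
The token check on App B from the flow above, as an added example that is not code from the thread or from Parse: a custom auth module exporting the `validateAuthData` and `validateAppId` functions that Parse Server's custom authentication interface expects. Assumptions: an HS256 JWT signed with a secret shared by both apps, the claim names `sub`/`aud`/`exp`, the audience value `app-b`, the `HANDOFF_SECRET` variable and the helper names are all hypothetical, and plain `Error` stands in for `Parse.Error`.

```javascript
// Added example: hypothetical custom auth module loaded by App B's Parse Server.
const crypto = require('crypto');

// Assumption: both apps share this secret out of band (demo fallback is constructed).
const SHARED_SECRET = process.env.HANDOFF_SECRET || 'constructed-demo-secret';
const MAX_LIFETIME_SEC = 60; // keep handoff tokens short-lived

const b64url = (s) => Buffer.from(s).toString('base64url');
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// App A side: sign {sub, aud, exp} for the user being handed over.
function issueHandoffToken(userId, secret, nowSec) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify({ sub: userId, aud: 'app-b', exp: nowSec + MAX_LIFETIME_SEC }));
  return `${head}.${body}.${hmac(`${head}.${body}`, secret).toString('base64url')}`;
}

// App B side: return the claims or throw. Signature is checked before claims are used.
function verifyHandoffToken(token, secret, nowSec) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [head, body, sig] = parts;
  // Pin the algorithm instead of trusting whatever the header announces.
  const header = JSON.parse(Buffer.from(head, 'base64url').toString());
  if (header.alg !== 'HS256') throw new Error('unexpected alg');
  const expected = hmac(`${head}.${body}`, secret);
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  const claims = JSON.parse(Buffer.from(body, 'base64url').toString());
  if (claims.aud !== 'app-b') throw new Error('wrong audience');
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) throw new Error('expired');
  return claims;
}

// Parse Server custom auth interface: resolve to accept, reject to refuse the login.
async function validateAuthData(authData) {
  const claims = verifyHandoffToken(authData.token, SHARED_SECRET, Math.floor(Date.now() / 1000));
  // Bind the token to the id Parse will link the user to; otherwise any holder of
  // a valid token could log in as a different authData id.
  if (claims.sub !== authData.id) throw new Error('token subject does not match authData.id');
}
async function validateAppId() {} // no app-id restriction in this sketch

module.exports = { validateAuthData, validateAppId };
```

The token stays replayable until `exp`; a single-use `jti` claim tracked on App B would close that window.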