I have two applications in CakePHP 3.5. Each of them requires login data and other operations. I do not want to copy data between two databases, nor duplicate connections to the database with the Users table, and I do not want to copy functionality to support users. I would like one of the applications to be an authentication server and the other application to use the credentials. The schema would be: by going to the client application, you would redirect to the login page on the authentication server. After successful login we will return to the client application. Can I do an authentication server using the "ADmad / cakephp-jwt-auth" plugin? In other words, how to complete a session with data retrieved from an authentication application, or to store a token in a session? Any ideas?
Authenticate against your app with the users table, you'll get a JWT token in return. On the server side if your other app(s) do a HTTP request to the app that generated the token and verify it. The point is that you'll have to verify it if you don't do it any token could appear valid for your app that doesn't have the users table.