Generating something to log user in transparently
I don't know if the subject adequately describes what I want to do:
I'm developing an app that has a Chrome Extension counterpart. I want the user to only need to log in once and have that login shared between the app and the extension. I've read that I could mint a JWT and send it to the client, but it looks like that would just set the bearer token for the current session and not actually create a real login session.
Is the right thing to do running
Ideally I'd like to generate whatever is needed using the admin client from the backend
I'm developing an app that has a Chrome Extension counterpart. I want the user to only need to log in once and have that login shared between the app and the extension. I've read that I could mint a JWT and send it to the client, but it looks like that would just set the bearer token for the current session and not actually create a real login session.
Is the right thing to do running
getSession() from the app, sending that data to the extension and running setSession() from the extension with that data, or would that fail due to the refresh_token being used more than once?Ideally I'd like to generate whatever is needed using the admin client from the backend
