How to manually create a session and a cookie with proprietary SSO?
I’m working with a big enterprise platform that has a proprietary single sign-on (SSO) process. This platform will post an encrypted payload to an endpoint on my server. I have been given a key to decrypt this payload, and inside this payload is all of the user information like email, name, etc.
Simplified, I receive a trusted POST message to an endpoint with a user's email. How can I check to see if this user exists, manually create a session for this user, and then redirect them back to a URL after this happens?
2 Replies
You will have to create a custom plugin for what you want to do here.
https://www.better-auth.com/docs/concepts/plugins
Plugins | Better Auth
Learn how to use plugins with Better Auth.
just use the example of how other plugin are implementing it