Internal Authentication Check (Optional)

Important

User logout webhook event must be implemented from the webhook setting to use this internal auth check. This ensures user's access tokens are properly invalidated across applications when a user logs out from web.

Enable

Add to .env:

SSO_ENABLE_INTERNAL_AUTH_CHECK=true
SSO_PASSPORT_PUBLIC_KEY=your_public_key_from_auth_dashboard

Required environment variables

AUTH_BASE_URI=auth server url
AUTH_CLIENT_ID=get from auth server
AUTH_API_TOKEN=get from auth server
ENCRYPTION_SECRET=get from auth server
AUTH_CALLBACK_URI=callback url of application
AUTH_EMAIL_CALLBACK_URI=
AUTH_REDIRECT_URI=redirect url of application
AUTH_REDIRECT_URI_2=redirect url 2 of application
AUTH_CLIENT_CACHE_TAGGING=false
SSO_ENABLE_INTERNAL_AUTH_CHECK=false
SSO_PASSPORT_PUBLIC_KEY=your_public_key_from_auth_dashboard