#Synchronizing JWT Authentication (php-open-source-saver/jwt-auth) and SAML in Laravel + Vue.js

2 messages · Page 1 of 1 (latest)

weak tinsel
#

Hello everyone,

I have a Laravel application with a Vue.js (Vite) frontend. Here’s how authentication is currently handled:

  • My frontend uses Laravel’s api guard with php-open-source-saver/jwt-auth to manage authentication via JWT.
  • A third-party application relies on my Laravel backend for authentication via SAML.

The issue:

  1. A user logs into my frontend using JWT (via the api guard).
  2. They then access the third-party application.
  3. The third-party app redirects them to my Laravel backend for SAML authentication.
  4. They are asked to enter their credentials again, even though they are already logged in via JWT.

I’m looking for a way to ensure that when a user is already authenticated via JWT, they are automatically authenticated via SAML without having to re-enter their credentials.

My questions:

  • How can I avoid requiring the user to enter their credentials again and leverage the existing JWT session to generate an automatic SAML session?
  • Would it be possible to automatically initiate the SAML authentication process using the JWT on the server?
  • Are there any existing solutions or packages to facilitate this synchronization?
  • If php-open-source-saver/jwt-auth isn’t suitable, what alternative package would you recommend?

I’m open to adjusting my authentication system if necessary.

Thanks in advance for your help! 😊

static vigil
#

Did you ever look into Laravel Sanctum? I always use that if I have some type of external connection.

Also if you want to keep using the same JWT session, just put it in a cookie.