Third party login to Corteza

Hi everybody. I’m a new developer.
I have a question that Is it possible to use the existing Corteza refresh token to get new JWT token from new Vue App that develop from my side. I will deploy it with a specific domain then when users click to open it in Corteza Admin interface it will redirect to my app that will use the JWT token from Corteza to fetch some data.

Thank you very much.

You could use existing access/refresh tokens outside of the native Corteza web apps but this approach isn’t really ideal.

The main issues that come to mind:

  • when you would refresh the access token to obtain a new one, the old one would get revoked so the previous application would lose access,
  • how would you send the access/refresh token to the other app from Corteza? Sending them over GET query params is generally not a good idea.

Here is a better solution:

Since Corteza uses (from 2021.3 forth) OAuth2 flow you can quite trivially add the support to your custom application (since you’re using Vue you can even use our plugin for it).

  • Add a new auth client in your Corteza Admin (you probably could reuse existing auth clients, but it’s generally not recommended),
  • add the OAuth2 flow to your Vue app.

This would allow both of the applications to have their own credentials so they could both access the data.