Single Sign On Across Multiple Multisite Installations

I have 2 separate multisite installations. I setup User Synchronization between the 2 to make sure they all share the same users. I'm trying to set it up where when you log into one of them it automatically logs you into the other one. Please advise on how to do this.

  • Alexander
    • DEV MAN’s Mascot

    Hi @Jason Verdelli,

    User Synchronization doesn't actually work with Multisite installations. It's meant for single sites, and allows for the same usernames and passwords to be synched across several sites.

    However, it doesn't actually create a "single sign on" in the way that you would automatically be signed in from one site to the next.

    This wouldn't actually be possible on a set of decentralized sites, as you can't create authentication cookies for other domains.

    Best regards,

  • Brian Durost
    • Recruit

    Alex,

    I was actually able to get User Synchronization to work on multiple multisite environments. In this case I just want them in the database and I'm not concerned with carrying over user capabilities for a particular site (like on the main site). I was successful at setting up sub-domains to act as the dependent site. This at least gets them into the database.

    So where I'm at is I have all of the sites successfully syncing the database, however I want to have it so when they log into one multisite network it will automatically recognized the logged in session from the previous site they were just at and log them in.

    With that said, do you have any suggestions? I researched just about everything I could find on the subject via Google and even tested a few promising methods.

  • Brian Durost
    • Recruit

    Just as another point to help clarify, I'm trying to pull off something like what Envato Marketplaces did with their sign on. You can use one single sign on and use that across all of the different marketplaces which resides on different domains. I see that they have some form of single sign on service or integration built in given the url extension has something with "sso" in it.

  • Alexander
    • DEV MAN’s Mascot

    Hi @Jason Verdelli,

    I'm sorry, User Synchronization doesn't support Multisite - so it only works for Single installations.

    Our Domain mapping plugin can do SSO, but only for multiple domains in the same Multisite network

    Taking a look at your link, that wouldn't work exactly as you'd require separate domains.

    Hypothetically speaking:

    SSO is possible across multiple domains, but only if you have a central authentication server. All users are redirected there first, and an initial cookie is setup. Then when they go to visit another site, they'll first be directed to the authentication server. if the cookie is detected, they'll be redirected back to the intended destination. If not, they can login.

    All of this would take a good amount of custom development though. We don't have any system that supports something like this right now.

  • Steve
    • WPMU DEV Initiate

    What kind of investment are we talking about "All of this would take a good amount of custom development thought." It is something that I would like to contemplate. I have just posted on the job board for just such a solution. Are there any takers up for a challenge? Or are we comfy comfy? ")

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.