How-to: Authenticate a user that was authenticated through external system

[colin-riddell]

How to authenticate a user based on another JWT - eg pre-authenticate the user that was authenticated through another (separately hosted) login page. The guide could be called "How to use SAS with existing non-oauth system + login page" or something?

This would be very useful as there are a lot of systems out there that are built on JWT, but don't provide full OAuth2.0 flow support. This would allow people to use SAS on-top of their non-oauth system without ripping out the existing system.

Related question and answer: Spring Authorization Server: How to use login form hosted on a separate application?

Ref: #499

[sjohnr]

For others, just a note to see this answer to the stackoverflow question specifically. This would be adapting that answer into a guide. Another option for this How-to could be:

• How-to: Externally authenticate a user without OAuth or SAML

Or even:

• How-to: Pre-authenticate a user with a JWT assertion in the URL

As I mentioned in the SO answer, this could relate to JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants and #59, which was recently merged! So there may now be better or related answers (though there's probably a better answer regardless 😉).