I would like to bump this question. How does one accomplish the following.
- Authenticate to a host .net application (or any private auth)
- Redirect the user to a Mendix application with authorization provided by host
- Authenticate into Mendix without creating a Mendix User (is this possible?)
Some options that spring to mind are
- GET Send secure hashed credentials in a url.
- The Mendix app will decode the hashed credentials and redirect the GET request to a authenticated Mendix session
- POST the credentials to a Mendix API and get a Mendix session
- Mendix authorizes a specific session
- Mendix API responds with a hash token
- Host app logs into Mendix with provided session ID
The big question here is if I have 1 million users in my host application and I may have upwards of 5,000 Users online at any given moment, how do I create authenticated Mendix App sessions from my host application without creating thousands of Mendix Users?