I would like to bump this question. How does one accomplish the following.
Authenticate to a host .net application (or any private auth)
Redirect the user to a Mendix application with authorization provided by host
Authenticate into Mendix without creating a Mendix User (is this possible?)
Some options that spring to mind are
GET Send secure hashed credentials in a url.
The Mendix app will decode the hashed credentials and redirect the GET request to a authenticated Mendix session
POST the credentials to a Mendix API and get a Mendix session
Mendix authorizes a specific session
Mendix API responds with a hash token
Host app logs into Mendix with provided session ID
The big question here is if I have 1 million users in my host application and I may have upwards of 5,000 Users online at any given moment, how do I create authenticated Mendix App sessions from my host application without creating thousands of Mendix Users?