Login to different apps from external domain


i have different subdomain with basic Yii2 apps, say app1.domain.com and app2.domain.com

Each app has user login module; user get from a database view its level (guest, tecnic, admin) and could get also the app name he can use.

I’d like to have unique login form in a different domain, eg differentdomain.com/login.php so when a user fill the form, his data is read from the database and can get authenticated access to app1.domain.com or app2.domain.com based on the data

I can use yii but if simple i’d like to use simple PHP in the differentdomain.com

Is there a way to do this?

Thanks in advance,


a way to do what?

A way to have a login on a domain with the logic to authenticate him and then take the user with his autentication on another domain

You cannot do cross-domain cookies. If you’re on abc.com you cannot assign cookies for xyz.com.

However, what you’re talking about is sub-domains. It’s all one domain so you can set the cookies for the domain example.com then access it from hello.example.com and world.example.com. Sub-domains are not new domains. Your cookies should look something like


Look up domain wildcards in cookies.

subdomains are only for my apps: app1.domain.com and app2.domain.com

Login is on another domain: differentdomain.com/login.php

so cookies is not the way to go I think.

Anyone with experience in oauth knows if this can be solved with it?

OAuth2 will not inherently solve your problem, because the first domain cannot assign cookies from the second. You want to persist a session in the browser, that means you need cookies for that other site.

There are a few things you might be able to do. A cross-domain AJAX request with some token validation — abc.com contacts xyz.com for an authorization token with some information about the user to be authorized on xyz.com. Then on the xyz.com server attach that user to an authorization token. Send abc.com that information back to the browser client and then the browser uses that authorization token in an AJAX request, hidden iFrame, or even a simple redirect to xyz.com. The xyz.com site then takes the token and logs in the user that’s assigned to it, during that request xyz.com returns some cookies. At least that’s my idea for it. Someone might have a better way to do it.

Cross-systemdomain logins are not easy.

Thank you Knight Yoshi, i will think about it. In the meantime i’ve done a scheme to help me and others to understand the situation



I changed a bit the environment so now i can login a user from maindomain.com and have them logged in in subdomains like sub1.maindomain.com and sub2.maindomain.com

What should i do log in user1 only on sub1.maindomain.com and user2 only on sub2.maindomain.com?