I need help understanding how to 'think' about single sign-on for my multi-tenant application. I've tried ChatGPT for an explanation, but I think my fellow humans can do a much better job.
Here's what I'm building:
A Laravel application that allows customers to create subdomain.example.com and then run it on their own domain, subdomain.customer-app.com, by pointing a CNAME record.
I'd like to authenticate the users of customer-app.com when they visit subdomain.customer-app.com automatically. That is, when they are logged in to customer-app.com, they are automatically logged in to subdomain.customer-app.com (which is running subdomain.example.com behind the scenes).
My Laravel app is ready, but I'm unable to figure out how authentication would work in this setup. Reading the Laravel Passport documentation has not helped, because I'm not able to figure out how the information exchange works in the above scenario.
Would really appreciate it if a good soul can help me figure this out. Thank you in advance.