I've created a number of Resources for my service's APIs hosted on different subdomains of the same domain, like graphql.myservice.com
and api.myservice.com
. If I fill out authentication steps for those resources, when I load my app in preview, it tells me I have multiple resources to sign into, and I can re-enter the same credentials several times to authenticate each of them.
All my services will respect a single auth token stored in a cookie returned by my auth service (auth.myservice.com
). Is there a way to share the cookie jar between resources on the same domain so I only have to authenticate once for everything on myservice.com
?
As a stopgap, I've stopped using auth steps on my resources, I have a custom login form on my app that makes a REST call to fetch a token, I'm saving that in localStorage, then providing it in an Authorization: Bearer
header on each of my app's resource queries (api, graphql, etc.). This works, but I'd rather share cookies if that's an option.