C# – Forms Authentication across Sub-Domains

asp.netcforms-authentication

Is it possible to authenticate users across sub-domains when the authentication takes place at a sub-domain instead of the parent domain?

For example:

User logs into site1.parent.com, and then we need to send them to reporting.parent.com.

Can I authenticate them to the reporting site even though the log-in occured at a sub-domain?

So far all of the research I have done has users logging into the parent domain first and then each sub-domain has access to the authentication cookie.

Best Answer

When you authenticate the user, set the authentication cookie's domain to the second-level domain, i.e. parent.com. Each sub-domain will receive the parent domain's cookies on request, so authentication over each is possible since you will have a shared authentication cookie to work with.

Authentication code:

System.Web.HttpCookie authcookie = System.Web.Security.FormsAuthentication.GetAuthCookie(UserName, False);
authcookie.Domain = "parent.com";
HttpResponse.AppendCookie(authcookie);
HttpResponse.Redirect(System.Web.Security.FormsAuthentication.GetRedirectUrl(UserName, 
                                                                       False));
Related Topic