What is the best approach for SSO and resource consumption via API v2?
We have an app that we would like to integrate with Vanilla via SSO.
jsConnect approach either for embedding or full-site is not useful to us since we intend on using API v2 to request specific resources and display them however we see fit.
How can we programmatically create or log a user in, while getting its access token?
Is there something like jsConnect, where we would set up an endpoint for Vanilla to request user info. Vanilla would then create a user or link it to an existing account, if email already exists, and reply with its access token?
This token would be used later by our server to proxy user requests. This way the end user's token never gets exposed.
How would you approach this? Does the user access token expire?
Thanks in advance,