Currently I'm exploring options to implement SSO for our organization. We have multiple systems running under the same main domain name with different sub-domains on AWS. Each system has its own login/logout implementations via Globus Auth. Some systems are WordPress sites with member management and the auth is handled using OpenID Connect plugin with Globus Auth. Some systems are Python web apps that handle the Globus login/logout very differently through sessions and cookies or browser's local storage. So in short, the login/logout of each sub-domain system is different.

Globus Auth is compliant with the OAuth2 and OpenID Connect standards, but extends them to support use cases that are beyond the scope of those standards.

For authenticated users, the sub-systems use the Globus Auth token along with other tokens for further talks to the backend APIs. Would I be able to use Vouch to pass around the Globus Auth token between requests?

Before digging into the details of Vouch with the Nigix auth_request module, I wanted to ask if Globus can be integrated with Vouch?

I also found this tool: https://github.com/pusher/oauth2_proxy but it seems Globus Auth is not one of the supported providers.

Please advise. Thanks!