I want to implement redirect-less SSO (by reusing the session cookies or some other way) across two applications in different subdomains of the same domain.
The way I am currently doing this in my legacy IDP is by setting a session cookie in
.domain.com and the two apps would sit at
app2.domain.com. They check with the idp (custom) whether the session is valid etc.
How can I implement this or another type of redirection-less SSO in Keycloak?
For technical reasons the http client accessing app1 and app2 cannot get redirected to the IDP, but supports cookies.