← knowledge.oriz.in

Cross-site auth via auth.oriz.in

architecture architectureauthfirebasecross-siteextensions

Cross-site auth via auth.oriz.in

Concept

The Firebase project oriz-app exposes its auth handler at the custom domain auth.oriz.in. Every site (*.oriz.in) and every browser extension funnels sign-in through that one domain, so the user signs in once and is signed in everywhere.

How it works

Why this shape

A custom auth domain achieves three things at once:

  1. Recruiters never see a firebaseapp.com URL during sign-in
  2. Auth state survives browser third-party cookie restrictions, since auth.oriz.in is same-site with every *.oriz.in subdomain
  3. Extensions can use the standard chrome.identity flow without each needing its own OAuth client

The single Firebase project also keeps the user model simple — one uid per human across the entire family, so subscription unlocks flow naturally.

Cross-refs