I have an architecture made up of apps running on GCP Cloud Run “serverless” servers, with each app located on a different subdomain - app1_product_com, app2_product_com, etc. Each app is directly exposed to the web, and is not fronted by a gateway or reverse proxy.
The cookie that holds the current user session state is shared across all of the apps via cookie setting domain=product.com.
Can Kratos be used in this scenario? If so, how? After reading the docs, it seems that Kratos wants the entire app to live beneath one host (e.g. app_product_com).
One solution might be to use Kratos to back our identity app (id_product_com), and after a successful login/registration, set a second separate session cookie with domain=product.com. However, keeping this new session cookie in sync with the Kratos session might be an issue.
Any solutions would be welcome. Kratos looks like a fantastic product, and I’d be happy to use it if possible.
