Centralize authentication for multiple sites & apps — Use case

Overview

Embed hosted login/registration via a signed HMAC bridge without CORS headaches.

Problem

Teams maintain separate login flows per site, causing security drift, duplicate code, and inconsistent UX.

Solution

AccessGuard provides a drop-in HMAC bridge (PHP/JS) that proxies auth to your workspace with signed, replay-protected requests.

How it works

Create a Connection in AccessGuard, deploy ag.php/ag.js to each site, and embed <accessguard-login>. All auth happens centrally, returning short-lived JWTs with refresh, while your sites stay lightweight.

Who is this for

Platform Lead Frontend Engineer Security Engineer

Expected outcomes

Consistent login UX across properties
Reduced auth surface area per site
Signed, replay-safe requests with audit trails

Key metrics

Auth code maintained per site

Baseline

1200 LOC

Target

150 LOC

Auth-related incidents

Baseline

6 per quarter

Target

1 per quarter

Gallery

HMAC bridge diagram — Client → Bridge → AccessGuard

Downloads & templates

ag.php bridge script

Template

ag.js helper

Spec

Case studies

MediaNet unifies auth across 7 microsites

One hosted flow replaced 7 bespoke logins with measurable risk reduction.

Media Mid-market EU

Security impact

Email/username, IP/UA metadata, tokens (encrypted/hashed) · PII: business contact info

Compliance

GDPR (lawful basis & consent for processing)
SOC2 controls (access & change)

Availability & next steps

Free Pro Enterprise

Create a Connection and embed the HMAC bridge on your site.