Protecting Content
Once a user signs in through your login app, Subdomain Login writes a signed session cookie to your app's cookie domain and sends the user back to your configured redirect URL. That cookie is how the rest of your site recognizes a signed-in user.
Recognizing signed-in users
Your application is responsible for checking for the signed cookie before showing protected pages, and sending unrecognized visitors to your login domain to sign in.
Verifying the signed cookie from your own application isn't available yet — we'll update this page with integration instructions as soon as it ships. If you'd like to be notified when it's ready, watch your app's settings page in the Admin Portal.