Ti Hoe Neoh

I was looking for the same solution since LG Supersign doesn't support OAuth (only support database or ActiveDirectory), I think the only way is to do the following: 1) first, use an API Gateway to protect your LG SS from accessing by anyone who doesn't have a valid JWT Token. 2) Launch app 3) Navigate away to the 3rd party login screen 4) Login 5). Redirect back to the app...here you redirect to the API GW endpoint in (1). 6) API GW validate the JWT token and wheee user has LG SS Token. 7) since user doesn't have LG SS token. You can use a custom app or Lambda to perform login to LG SS thru OPENAPI (by LGSS). This process can be handled in the background so user won't realise there is a 2nd login to LG SS. 8.) pon success login to LG SS. You will receive the LGSS token. Add it into the user session. Your session should have JWT and LG SS token. 9) Redirect user to API GW again, which check JWT and LG SS. Since they are valid redirect user to LG SS Web page. Make sense?