I have a web app which is using stormpath identity management service.
Stormpath is new to me.. till now what i understood is you can signup and login into stormpath and stormpath will give you the access token. each account is associate with an application_id. right?
I read these two articles
http://docs.stormpath.com/guides/token-management/
https://stormpath.com/blog/build-api-restify-stormpath/
so here I'm having couple of questions for my use case/scenario. here are 3 main components.
1) stormpath
2) a web app (lets call it WA1) which is using stormpath to authenticate(this app is working fine)
3) another web app(lets call it WA2) which will be using the stormpath login(for same aplicationid) and another API exposed by above webapp(WA1).
If I login in my application(WA2), I get a token. now how can I use this token to access api exposed by WA1.
what if I logout from stormpath directly, will I still be logged in in my app. if yes then how we are authenticating user after that.
These queries might sound dumb but trust me I read and read but couldn't understand the flow. would be great if you could explain it.
PS: I'm using Django + django-stormpath (in WA1) and angular/Node/express (in WA2) PPS: or is it session based authentication overall(after 1st login)?
