We have multiple applications under one domain, and every application is built in ASP.NET MVC. Currently single sign-on is facilitated using Forms Authentication and a shared machine key. All applications are on the same server for now.
For one of our new applications we are considering ASP.NET Core with the framework option. We have an Accounts application which handles authentication (login/logout) for the existing applications, and we have built an STS, using IdentityServer3, into the same application.
www.mydomain/Accounts
www.mydomain/app1
www.mydomain/app2
www.mydomain/asp.netcoreApp1
The new test ASP.NET Core application (client) communicates with the STS (IdentityServer3) using OpenID Connect and is working fine.
Challenge: We have to facilitate single sign-on between the existing applications, which use Forms Authentication, and the new ASP.NET Core application.
Operational/Environment Facts:
- All applications are on the same machine.
- We have access to the machine key.
- On navigation from app1 to the ASP.NET Core application, cookies are available in the request header.
Problem Scenarios:
- If a user successfully logs in to app1 and navigates to the ASP.NET Core application, the user has to log on again for authorized access. There is no issue with anonymous access.
- Similar to #1, in the reverse direction.
- If a user logs out of any one of the applications, the user should be logged out of all the applications.
Since the test application is built using ASP.NET Core with the framework option, will FormsAuthentication be compatible? Can you direct me to documentation or a code snippet?
Please share your ideas.