Extension:CentralAuth/API

centralauthtoken
CentralAuth adds API methods for getting/providing a central authentication token. Using those, one can make API calls to any wiki participating in the same single sign-on system, without having a session cookie for that domain.

Auth tokens can be requested with the  action. A token is valid for a single request, and will become invalid after 10 seconds.

Tokens can be passed in via the  parameter. When making a POST CORS request, the parameter must be part of the preflight request and thus it must be in the URL, not the POST data.

Other modules
query/globalallusers, query/globalgroups, query/globaluserinfo, setglobalaccountstatus, deleteglobalaccount, globaluserrights