Cross-subdomain nx-id auth, proved
A minimal Next.js + shadcn/ui product app that authenticates entirely against the central Nexus ID service — no local auth stack, no local user table.
This app is deployed at app.dev.nexusregen.com and signs in against https://id.dev.nexusregen.com. Because nx-id issues its session cookie on the apex domain (.nexusregen.com), a session established there is valid here too — the same proof any real Nexus ReGen product relies on.
- /login— password and email-OTP sign-in, method posture read live from nx-id's
GET /config. - /dashboard— a server component that reads the session by forwarding cookies to nx-id's
get-sessionendpoint. - /claims— decodes the session JWT and cryptographically verifies it against nx-id's JWKS.