Our web app offers a service that allows a "Publisher" to create a website (we give them a CMS system) that is ready to provide this service to "Members" (think Shopify).
We have some possible clients that wish to become "Publishers" but they already have existing websites (vbulletin, word press blog, etc) with their own user base.
We wish to develop an API that would allow these "Publishers" to keep using their own websites, and embed our services into them.
Our main business requirement is that once "Members" are logged into the "Publishers" existing system, they should be able to also access our website without having to log-in again OR have to create another account there. The process should be seamless to the "Member" and "Publishers" should not have to sync their user base with our system. We also want to use an existing API authentication/authorization system instead of creating our own (OAuth, OpenID, etc)
What would be the best way to use OAuth to achieve this sigle-sign on design? If OAuth is not the best tool, is there any other one out there that fits our requirements?