We are trying to understand the best ( cleanest, simplest ) way forward using Auth0 with an Angular 2 front end and a Spring Back end .
What we want to do is
- Have a user login to the Angular2 front end.
- Use the credentials of the successfully logged in user to call secured rest end points ( based on a users role ) on the spring server.
Do we need to have a separate Auth0 client for both the front and back end applications ?
If so does this mean that we will need to authenticate the user twice ?
Or is it possible to set up one Auth0 client which both the Angular and Spring applications use ?
If so does this mean that we can pass the JWT from the Angular login to the Spring server ?