Hello and thanks in advance for the hints.
I’m working on a project composed by a React FE application which query a gal-server.
The gql-server has some BE micro-services as datasources.
We would like to implement the following flows without using any FE plugin and so using the embedded login:
- Login / Signup
- Auth / Authz
- Invitation flow (for back office users)
My idea is to create a BE micro-service which acts as my gql-server auth0 datasource.
So for example the FE application will call the login mutation along with the user credentials on the gql-server which will use the BE micro-service as datasource in order to retrieve the access token and auth the next mutation.
Does it make sense?
In this scenario I would refer to the BE micro-service as the a “confidential” auth0 client. Is it correct?
Which kind of Application should I create in the auth0 dashboard Application tab?
Based on it I would implement the resource owner password flow (https://auth0.com/docs/api/authentication#resource-owner-password), does it make sense?