Authenticate user for standard pages and SPA using Lock

,

Background
Hello,
we have 2 roles for users

  • ADMIN
  • USER

We have a backend backend.app.com 2 applications for them:

We want to have only one Lock for these apps. Say you try to connect to admin.app.com or user.app.com you are redirected to the Lock widget on auth0.app.com.

How I think it should work
The successful login will redirect us to backend.app.com from here, based whether it’s ADMIN or USER, we would route to the correct app.

What is the problem, then?
How do we pass credentials to the frontend from the routing endpoint?