I’m fairly new to auth0 and was trying the sample applications with Java Spring. As I checked out, there are two different approaches: Spring Security for Backend and Java Spring Boot.
My company has many applications (all of them client/server), both internal and external ones for customers. With a centralized SSO via Auth0, we add then users via AD or database and assign them permissions/roles for the respective applications. As far as I can see, I need one API per Application, is that correct?
My plan is to use Spring Security and use annotations for every action, as this is described in the Spring Backend tutorial.
I first checked out the frontend Spring Boot sample and added
audience: http://localhost:8080/api (which is my API that contains roles with the logged in User)
to my application.yml - in order to get back the roles of a user, but with no success.
I’m a bit unsure - what’s the difference between the sample with backend and frontend? Can Auth0 fulfill my needs?