Hi folks, I’m a pretty experienced dev in a lot of ways, but new-ish to Auth0.
My idea is to create a SPA app which will run on s3 to start, and eventually a HTML based phone app (like cordova or ionic) which will pull the strings on an AWS API gateway.
From what I can gather, I’ll need to have a SPA application, and the authentication token on this application will probably also be shared with API gateway custom authorizers that share the same client ID.
So, a user will authenticate via a static SPA type architecture (like the Gatsby example i’ve found) and then pass through the bearer token also along with the API gateway requests which ill parse the same token. Is that the right basic idea?
I went through their API gateway custom authorizer tutorial, but it stops before it gets to the SPA section so the marriage of the 2 is where I’m getting hung up.