First time Auth0 user, so I apologize if I have missed something obvious
I am developing a simple web-app that requires 3 levels of access:
GUEST - view:documents
USER - edit:documents
ADMIN - delete:documents
I only want USER and ADMIN to login - anyone else should be able to view documents. (This seems like an extremely common use-case).
I have setup my frontend with auth0-spa-js and apollo-client and my backend with mongoose and apollo-server-express. I have followed your quickstarts and have something running. The login and signup works well. However my API is now locked out for anyone who isn’t logged in.
I do have access to my API directly, say, through graphql playground, and my query works without any authorization header, but this get locked down in my app - no authenticated user - no query.
How do I grant public access to my API?
Do I have to run another server in parallel (seems like a lot of duplication)?