Having single backend server listening to both desktop app and SPA

Get Help
1

Context: We first developed an SPA in react with a python-based backend that performs machine learning task. SPA is hosted on GCP. The database server in backend is also indirectly accessed via this flask server. auth0 for authetication works great. We then developed the desktop app. Electron was used for various reasons. The audience designated for desktop app works fine.
Problem: Since we now wish to support the users for both web-based application as well as desktop based one, we end up having two different audiences. We cant afford to have two separate machine learning backend servers.

Question: Can we have a single backend server, catering to multiple audiences?
For example, using JWT in python when we try to determine payload (see snippet below), is it fine if we iterate over multiple audiences? Are there any down-sides?

payload = jwt.decode(
                    token,
                    rsa_key,
                    algorithms=ALGORITHMS,
                    audience=API_AUDIENCE,
                    issuer="https://" + AUTH0_DOMAIN + "/",
)
3

Hi @planetoid.reader,

Welcome to the Auth0 Community!

Why would you need seperate audiences? If there is one API that is used by both client applications, you should only need a single audience/API.

5

Oh I misunderstood. So you are confirming that single audience would suffice for all kinds of frontend apps as long as they invoke the same backend code. Thanks a lot; I will follow that.

1 Like
6

Hi @planetoid.reader,

Yep! The audience refers to the resource server (API) that is serving the client applications.

For example, you could have a single backend API that serves data to a React app and an Android app. In that scenario, you would be using a single audience to represent your backend API, and two clients, one each for your SPA and native apps.

7

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.