Hi there.
The premise :: We would like to implement SSO between our 2 SPA’s(one in AngularJS the other in Angular) the backends are implemented in Golang. I have some confusion on where the callback for login should be implemented.What is the best practice around this.
Can the callback url be to the backend, and once the token is received the backend redirects to the frontend. Will auth0 send the referrer url along with the request to callback url in this case?
Or If the callback url is directed to the frontend, then the access token received from auth0 needs to be send to the backend for every request. The API would use its secret to validate the token with auth0, and if valid, would return a 200 response.
Thanks