Hello,
The system I’m working on has 3 parts to it and I’m not exactly sure how to setup the Auth0 Applications and APIs:
- Single Page App (NuxtJS/Vue w/ SSR)
- GraphQL API that the SPA communicates with (Node/Apollo Server Express)
- gRPC API that receives the requests from the GraphQL API (MaliJS)
Auth0 Setup So far:
Applications:
My SPA (Single Page Application)
APIs:
My gRPC API
GraphQL Application:
This application will receive all of the requests on behalf of a user. This will also be sending all requests to the gRPC services on behalf of a user. There will also probably be M2M communication here at some point so we’re planning on it (Processing data feeds and adding information to the system).
gRPC/MaliJS Application:
The gRPC app will never receive a direct request from a user. The gRPC will receive requests on behalf of users, as well as automated processes where there is no user (M2M)
- How should I setup the “GraphQL API” application? Generic? Regular Web App?
- How should I setup the gRPC application? Since this only gets requests from other apps, some on behalf of a user, some from other scheduled services, would this be an M2M? Or Generic/Regular Web App?
My background was always implementing a standard user/password setup that was build in-house so using a 3rd party and JWTs is new to me. I tried to implement middleware in the gRPC API that would allow me to verify/decode the token but I was unable to do it successfully. I could not find any examples of handling the tokens without using middleware for frameworks like express, koa, etc…
I also looked into passport-auth0 but it requires express and express-sessions, which do not exist in the gRPC application.
Any help would be greatly appreciated!
Thank you,
Steven