Fast API Backend + Vite React SPA frontend
I am confused if I should be creating 2 applications or 1 application for this setup.
Basically I want to authenticate the user and send them an opaque token via cookie and use that for all of the auth downstream. I am not thinking of AuthZ, for AuthZ i think i'll need to reachout to something like casbin as zitadel AuthZ seems more around zitadel specific resources and not application specific things as per say. But AuthZ is another story.
This thread talks about it: FastAPI OpenIdConnect
But It's not clear whether I should create 2 applications here. 1 for API and another for SPA?
this is roughtly my arch, i want to protect my api endpoints via the session token but I don't want to introduce API access to it yet(i.e only access via session tokens etc)
What am I missing?
Basically I want to authenticate the user and send them an opaque token via cookie and use that for all of the auth downstream. I am not thinking of AuthZ, for AuthZ i think i'll need to reachout to something like casbin as zitadel AuthZ seems more around zitadel specific resources and not application specific things as per say. But AuthZ is another story.
This thread talks about it: FastAPI OpenIdConnect
But It's not clear whether I should create 2 applications here. 1 for API and another for SPA?
this is roughtly my arch, i want to protect my api endpoints via the session token but I don't want to introduce API access to it yet(i.e only access via session tokens etc)
What am I missing?
