0

we have a main angular application with auth0 setup. Inside main application lives another sub-application which is imported as a npm module. Sub-application has also a standalone deployable version for development and testing purposes.

Since standalone version must have its own way of authentication and sub-application has different roles with different permissions, we have created another auth0 client for sub-application but currently not making use of it yet. Therefore sub-app is using same auth0 client as main-app does.

According to current setup of integrated applications, accessToken set by main app and read by sub-app to be able to add into request headers. Now we are planning to use its own client credentials for sub-application. To do that we also need to add new key-value pairs into localStorage (maybe adding prefixes into existing ones in sub-app config) so that they won’t conflict.

At this point I would like to ask if this is a ideal and proper setup for such a sub-application. I am open to any suggestions. Thank you in advance.

Ayberk
  • 50
  • 11

1 Answers1

0

I guess you are using canActivate with and authGuard to protect the routes of your applications.

Then you would perhaps need to create a new authGuardService for your sub-application.

example :

In your main app you would use AuthGuardServiceMainApp

  {
    path: 'main-path'
    , component: MainComponent
    , canActivate: [AuthGuardServiceMainApp]
  }

And in the sub-application you would use another service.

  {
    path: 'sub-path'
    , component: SubComponent
    , canActivate: [AuthGuardServiceSubApp]
  }

This way you can have custom controls over authentication in each service.

Herezia
  • 1