I'd like to create two secured Spring Boot 3 projects:
- A REST API;
- A Front-end Project using Thymeleaf.
I'm fully aware I could just embed everything in the same project and make my life easier, but I want to decouple the back from the front end for future implementations in different languages.
As I want to keep things simple, I plan to use Auth0 (Okta) for it. There's plenty of documentation on how to protect Rest APIs. Auth0 also integrates seamlessly with Spring Boot.
I'm just wondering how I could go about authenticating on the front-end project and then adding the Authorization header to every call to the back-end. Is it even the correct way of doing it? Has anyone created anything similar?