I am trying to implement OKTA SSO authentication for my application with the details below. Can you suggest the right pattern to use?
UI - Angular SPA
API - Spring Boot (Rest API backend)
For UI, I am using Authorization code flow with PKCE. But I am not sure which pattern to use for backend API service.
So far I have created only one client app in OKTA for authenticating my UI app alone.
Which approach would work?
- Just pass the ID token to the API service and validate it, or
- Create a separate client app for the API service and follow the authorization code flow for the API.
Please suggest the right patterns. Thank you for your help.