![New M4 MacBook Air On Sale for $949 [Deal]](https://www.iclarified.com/images/news/96721/96721/96721-640.jpg)
![iFixit Tears Down New M4 MacBook Air [Video]](https://www.iclarified.com/images/news/96717/96717/96717-640.jpg)
![[The AI Show Episode 139]: The Government Knows AGI Is Coming, Superintelligence Strategy, OpenAI’s $20,000 Per Month Agents & Top 100 Gen AI Apps](https://www.marketingaiinstitute.com/hubfs/ep%20139%20cover-2.png)
![[The AI Show Episode 138]: Introducing GPT-4.5, Claude 3.7 Sonnet, Alexa+, Deep Research Now in ChatGPT Plus & How AI Is Disrupting Writing](https://www.marketingaiinstitute.com/hubfs/ep%20138%20cover.png)
![How to become a self-taught developer while supporting a family [Podcast #164]](https://cdn.hashnode.com/res/hashnode/image/upload/v1741989957776/7e938ad4-f691-4c9e-8c6b-dc26da7767e1.png?#)
![[FREE EBOOKS] ChatGPT Prompts Book – Precision Prompts, Priming, Training & AI Writing Techniques for Mortals & Five More Best Selling Titles](https://www.javacodegeeks.com/wp-content/uploads/2012/12/jcg-logo.jpg){kind=logo}
.jpg?#)
.jpg?width=1920&height=1920&fit=bounds&quality=80&format=jpg&auto=webp#)
Design questions for a biz. system utilizing an in-house OAuth2 server
My question is about an enterprise system that has its own OAuth2 Authorization Server. In my system(in progress now), there is an OAuth2 Authorization Server, a Resource Server that holds user information, a Resource Server for managing partners, and a Resource Server for managing products and inventory. The way I am implementing this is as follows: All back-end systems are implemented as separate Spring Boot projects — an OAuth2 Client, an OAuth2 Authorization Server, a User Information Resource Server, a Partner Data Server (Resource Server), and a Product & Inventory Management Server (Resource Server). There is a standalone OAuth2 Client (Spring Boot), and a Vue frontend accesses this client. The OAuth2 Client receives a token from the OAuth2 Authorization Server. Using that token, the OAuth2 Client accesses both the Partner Data Server and the Product & Inventory Management Server, treating them both as Resource Servers. However, I noticed that most sample projects take a different approach. They often combine partner management and product & inventory management functionality directly into a single OAuth2 Client. In these examples, the Resource Server is usually only responsible for serving user profile information. I would like to understand why this design is so common. Additionally, in systems like mine that have their own OAuth2 Authorization Server, many sample projects show the OAuth2 Client issuing its own JWT after a successful login. This newly issued JWT is then used for all subsequent requests. I’m curious why the client does not simply continue to use the original token issued by the OAuth2 Authorization Server. I would appreciate your insights on these points.
My question is about an enterprise system that has its own OAuth2 Authorization Server.
In my system(in progress now), there is an OAuth2 Authorization Server, a Resource Server that holds user information, a Resource Server for managing partners, and a Resource Server for managing products and inventory.
The way I am implementing this is as follows: All back-end systems are implemented as separate Spring Boot projects — an OAuth2 Client, an OAuth2 Authorization Server, a User Information Resource Server, a Partner Data Server (Resource Server), and a Product & Inventory Management Server (Resource Server).
There is a standalone OAuth2 Client (Spring Boot), and a Vue frontend accesses this client. The OAuth2 Client receives a token from the OAuth2 Authorization Server. Using that token, the OAuth2 Client accesses both the Partner Data Server and the Product & Inventory Management Server, treating them both as Resource Servers.
However, I noticed that most sample projects take a different approach. They often combine partner management and product & inventory management functionality directly into a single OAuth2 Client. In these examples, the Resource Server is usually only responsible for serving user profile information. I would like to understand why this design is so common.
Additionally, in systems like mine that have their own OAuth2 Authorization Server, many sample projects show the OAuth2 Client issuing its own JWT after a successful login. This newly issued JWT is then used for all subsequent requests. I’m curious why the client does not simply continue to use the original token issued by the OAuth2 Authorization Server.
I would appreciate your insights on these points.
