[aprdm]

Isn't having two distinct servers one for auth and one for business logic too much for small start ups / services?

I can see the benefit when scaling but starting with this design seems to be a little bit of an overkill / harder to manage? Care to elaborate?

Cheers

[jaypaulynice]

For a quick prototype, I think it's ok to have both in same server/database, but beyond a prototype you should think about security and scaling. Redesigning later can be a nightmare and most people end up not doing it instead just leaving what they already have.

The good thing with 2 separate servers is that if one is compromised, then the bad actor doesn't get access to all your data. Also you could use any language/database that makes sense for your auth server or services.