A key thing I want in my software is built-in handling of multiple front-end applications administered by a single independent administrative back-end application. Which translates into:
Since my intention is that each application is deployed on its own domain, I call each domain an "installed domain".
An installed domain is an actual thing in my software. Each installed domain must exist in the database; and, an app's installed domain must be explicitly named in the .env.
The installed domain is set-up during installation. This is the what the installed_domain looks like in the .env after installation:
This is what the installed domain looks like in the database after installation:
Policies is a core Laravel framework feature to implement authorization. The admin app uses native Laravel policies with installed domains. Nova also uses Laravel policies for authorization management, instead of using its own authorization implementation -- one of the key attractions for using Nova.
The front-end has to get its blog posts from the back-end. The admin back-end has to know about the front-end by having the front-end domain existing in the database's "installed_domains" table.
When the front-end asks the back-end for its blog posts, the front-end includes its domain name within the json web token. Specifically, as an "iss claim" (the issuer):