Open
Description
Describe Problem
Currently, we use the same app registration / client id for the API and the front-end.
Since these two are different clients with different concerns, it is recommended to have separate app registrations for the different applications / clients.
Some issues that show up when using a single app registration:
- The API does not need reply urls or the OpenID Connect scopes
- The front-end is a public client (until Implement BFF OAuth2 Proxy #391 is implemented), but the API is a confidential client
- The API may need additional scopes / API-permissions to call different services, which are not intended to be called directly from the front end
Suggest Solution
Create different app registrations (via bicep) for the different components (and environments)
Additional Details
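As an added illustration of the suggested solution (example code, not the project's own Bicep), the following template declares two separate app registrations per environment: a confidential API registration that exposes one delegated scope and carries its own downstream permission, and a public SPA front-end registration that only has reply URLs and is granted the API's scope. It assumes the Microsoft Graph Bicep extension is enabled; the `example-*` names, the `example.com` redirect URI and the `access_as_user` scope value are placeholders, while the Microsoft Graph application id and the `User.Read` scope id are the well-known Microsoft values.

```bicep
// Added example, not project code: one registration per component and environment.
// Assumes the Microsoft Graph Bicep extension is enabled in this deployment.
extension microsoftGraph

@description('Environment name (e.g. dev, prod); each environment gets its own registrations')
param env string = 'dev'

@description('Reply URLs of the front-end (placeholder values)')
param frontendRedirectUris array = [
  'https://app-${env}.example.com/signin-oidc'
]

// Well-known Microsoft Graph application id and delegated User.Read scope id
var graphAppId = '00000003-0000-0000-c000-000000000000'
var graphUserReadScopeId = 'e1fe6dd8-ba31-4d61-89e7-88639da4683d'

// Deterministic id for the single delegated scope the API exposes
var apiScopeId = guid('example-api', env, 'access_as_user')

// 1. API registration: confidential client, no reply URLs, no OIDC scopes.
//    It exposes one scope for the front-end and requests Graph User.Read for its
//    own downstream calls; the front-end never receives that permission.
resource apiApp 'Microsoft.Graph/applications@v1.0' = {
  uniqueName: 'example-api-${env}'
  displayName: 'Example API (${env})'
  signInAudience: 'AzureADMyOrg'
  // Tenant-scoped identifier URI (placeholder name)
  identifierUris: [ 'api://${tenant().tenantId}/example-api-${env}' ]
  api: {
    requestedAccessTokenVersion: 2
    oauth2PermissionScopes: [
      {
        id: apiScopeId
        value: 'access_as_user'
        type: 'User'
        isEnabled: true
        adminConsentDisplayName: 'Access the API as the signed-in user'
        adminConsentDescription: 'Allows the front-end to call the API on behalf of the signed-in user'
      }
    ]
  }
  requiredResourceAccess: [
    {
      resourceAppId: graphAppId
      resourceAccess: [ { id: graphUserReadScopeId, type: 'Scope' } ]
    }
  ]
}

resource apiSp 'Microsoft.Graph/servicePrincipals@v1.0' = {
  appId: apiApp.appId
}

// 2. Front-end registration: public SPA client with reply URLs only.
//    Its only API permission is the scope exposed by the API above.
resource frontendApp 'Microsoft.Graph/applications@v1.0' = {
  uniqueName: 'example-frontend-${env}'
  displayName: 'Example Front-end (${env})'
  signInAudience: 'AzureADMyOrg'
  spa: {
    redirectUris: frontendRedirectUris
  }
  requiredResourceAccess: [
    {
      resourceAppId: apiApp.appId
      resourceAccess: [ { id: apiScopeId, type: 'Scope' } ]
    }
  ]
}

resource frontendSp 'Microsoft.Graph/servicePrincipals@v1.0' = {
  appId: frontendApp.appId
}

// Distinct client ids to hand to the two deployments
output apiClientId string = apiApp.appId
output frontendClientId string = frontendApp.appId
```

The API registration deliberately has no `web` or `spa` block, so it gets no reply URLs, and its client credential (secret, certificate or federated credential) is left out of this snippet. Deploying the template once per environment with a different `env` value yields separate registrations per component and per environment, and the two output client ids are what the API and front-end configuration should consume instead of one shared id.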
Metadata
Assignees
Labels
No labels
Type
Projects
Status
📚 Backlog