We have developed a software as a service (SaaS) which requires a login to get access. Should the web app be located on a subdomain like app.example.com or should it be on www.example.com?
I've seen it done both ways. Thanks for your help!
The reasons companies like Slack uses app. for their platform login, and keep that separate from the site(s) where they keep their company information, blog, landing pages etc.. is for marketing, stability and security purposes.
1. Marketing - you want your primary domain to host landing pages for conversion optimization, and a blog for SEO.
2. Stability - you do not want the marketing department to be adding pages, plugins and making edits to the same site your platform exists.
3. Security - you need added security (i.e. a private server as opposed to a shared server) for your SaaS, but you do not necessarily need that for your site. And, you want to run wordpress for marketing reasons (you need the plugins and integrations wordpress includes to give your marketing department tools to succeed), but wordpress is vulnerable if not managed correctly so you don't want the takedown of your site to also takedown your platform.
I am building two SaaS projects as we speak. Both have wordpress frontends and an app. (angular .js) domain leading to the backend.
Other than branding/marketing reasons, which in my opinion are NOT relevant here since you seem to have one singular brand for the website and the app, there is only one ultimate reason for separating your app domain (host address) from the main website: to easily use separate servers (physical or virtual) for each website.
WHY SEPARATE SERVERS?
The reason for using separate servers is to prevent one server's software, hardware, administrators, users and security policies to affect the other's performance and availability, which is in part what Alex explains in his answer under stability and security.
WHY USE ONE HOST NAME?
However, since generating good, continually-fresh content on your landing website is no easy task, if your app shared its host name with your main website, you could seriously augment your website's content with cleverly exposing user-generated content form inside of the app, e.g. listings and reviews for a vacation home rental app, or questions and answers for a peer-assistance network.
- FOR BEST OF BOTH WORLDS, i.e. segregating servers to achieve higher stability, while sharing host names to aggregate content under one roof, you could look into using a reverse proxy server, which in addition to many other perks, it allows multiple servers to serve through one singular host name, e.g. www.example.com from server a and www.example.com/app from server b. https://en.wikipedia.org/wiki/Reverse_proxy
- FORGO HIGHER STABILITY by using one server and one host name without reverse proxy, while being able to keep all content under one roof.
- OR SACRIFICE EASY* CONTENT AGGREGATION under one roof, by using two separate host names on two separate servers, which will contribute to higher stability and security.
None of the options are inherently wrong, but their validity depends on your specific marketing, development and hosting budgets and expertise, as well as certain specifications and requirements of your application and business as a whole.
* even with content on multiple servers, you may still aggregate content under one roof, but it is a much more involved and complex job.
My preference is app.foo.com so you can run your App in an entirely separate LXD container, so App can run any OS customizations or unusual software packages, with no effect on Website.
This also allows the App LXD container to easily migrate to another machine to balance resources, when this is required.