I am planning on releasing a frontend JS app that uses Auth0 and I am not sure if I should be keeping my domain and clientID secret.
I came across one Stack Overflow post with the same question as mine, and I wanted to confirm the answer given there.