I was following https://auth0.com/docs/quickstart/backend/rails to set up an application that functions purely as an api, from which resources can be requested from for authenticated and authorized users. The requests are happening from a React SPA.
I’m confused about the following line in this section: https://auth0.com/docs/quickstart/backend/rails?download=true#create-a-jsonwebtoken-class
In the whole article, it is never mentioned to add this credential to the Rails credentials.yml.enc file. Nonetheless the authentication and authorization works correctly. Why is that? Is this credential not necessary? Does this have any security compromises?