Auth0 Home Blog Docs

Creating API key and secret for clients -- is it still the suggested approach?


I saw this post back in 2017,

which describes the flow of how the API key and secret are used, but then I also saw this post

Definitely the first link is more up to date, but I just wanna know if this approach is still the recommended approach if the goal is to provide some sort of credential for clients to use our API.

Is providing the API key/secret -> use such key and secret to call for token -> access API with token still the right approach? I’m not sure how jwt comes into play here honestly

Thank you.