That is correct. You should have a client/application created specifically for this purpose, and make sure it’s only available on a test/dev environment.
Another option would be to change the configuration of your backend API in the testing environment to accept tokens signed with an alternative key (not the one from Auth0), and build the tokens yourself from a test helper/mocked token issuer.