We are new to Auth0 and currently looking for a solution for our SPA and API. We have a resource API based on Express js and a React SPA. We have implemented the authentication on SPA but we also want to give the user an API KEY that he can send as an access token to access our API and also implement scope limiting and rate limiting using the same. So the user uses this key for accessing the API and we can log and limit the usage.
I suggest reading over our API Authorization docs, which can achieve your requirements:
Yes i have been over this part of the documentation couple of times , one part that i don’t get is how do I create a access token for the API from the React SPA for a specific user ? And such that every request using that token is logged in auth0.