Hello, this is my first post.
I have read about Application Types and how it’s not recommended to put Management API Tokens on the front end of for example an SPA.
I think my application is a Singe Page Application (SPA), meaning that most of the application logic is on the client side. I also have a Server Folder with node.js files and modules where I currently have the auth0 authentication configured as a “Regular Web Application” using express.js.
-
I don’t know if that was the correct configuration method, I mean my front end is still considered to be a Singe Page Application (SPA) right? Even though I use an express.js server where I authenticated users. Is my application considered SPA because most of the application logic is on the front end and it loads all the client resources at once? Or can I use some routes on the same domain (currently localhost) using my express.js back-end and therefore safely use things like the Management API Token for letting users change user metadata. And it would be considered to have multiple pages?
-
I want to write code so that the user can change his own user metadata. In the case that my configuration (which is based on my understanding of application types), is correct, it means that I can follow the guide for getting the Management API Access Tokens for Regular Web Applications but if it’s not, then I would have to follow the SPA guide and it does not reccomend allowing users to change their metadata. Any other way around it like Registering a Machine-to-Machine Application would be very difficult for me as I am a Beginner Coder, I can’t find a video tutorial, haven’t ever created a CLIs or APIs really. I would need a guide specifically for creating that API for using it for that purpose, like how to connect that Machine-to-Machine application to the Regular one in order to get the Access Token on the Regular one. All of that doesn’t make sense to me.
What would be the easiest and correct way for me to move foward?
I am still learning to code, and this is my first back-end project. Please excuse me if I might have asked some basic things or if my questions don’t make any sense.