We have a single-page app with an API (the standard stuff).
On frontend we are using it for authentication only.
On backend, mainly token validation and some management API (like password update)
Until now we had two separate apps, one for the app and another for API.
Is it the correct approach? It is even worth having two separate apps? Is the usage quota calculated differently in these cases?
For example, in the case that M2M app used for authentication and management, are both of these counted towards and API call?
Just not sure what is the best practice here.