The two APIs are categorized as the public Authentication API, and the secured Management API.
If you have a custom sign up/login page in your application, you can simply use the public /dbconnections/signup endpoint. The Management API /api/v2/users is mainly used by backend services or administrative applications which may need to create users in advance, or without them explicitly signing up. Because this is a secured endpoint, Management API calls require a valid access_token to be generated and passed as the bearer token.
Taken from the Management API explorer:
This document describes the Auth0
Management API, which is meant to be
used by back-end servers or trusted
parties performing administrative
tasks. Generally speaking, anything
that can be done through the Auth0
dashboard (and more) can also be done
through this API.This API is separate from the publicly
accessible Auth0 Authentication API,
which is meant to be used by
front-ends and untrusted parties.