Unsure when to use machine 2 machine application or API

Kada · November 26, 2023, 3:19pm

Hey there,

I’m a bit confused by the difference between machine 2 machine application and API in Auth0

I have a NextJS frontend and a Golang monolith backend

So far, I’ve created one SPA Application in Auth0 for the frontend, and one Auth0 API for the backend, and I’m using the corresponding client ID/audience as environment variables for both

Right now, I’m implementing new methods in the backend that use the Auth0 Management API with auth0/go-auth0

But for this to work, I need a Client Secret, which is not available for an Auth0 API:

	auth0API, err := management.New(
		.Auth0_domain,
		management.WithClientCredentials(
			context.TODO(),
			Auth0_client_id,
			Auth0_client_secret,
		),
	)

Did I miss something ? Should I use an M2M App for my backend instead of an Auth0 API?

rueben.tiow · November 28, 2023, 12:14am

Hi @Kada,

Welcome to the Auth0 Community!

The M2M app is used to access your API through the Client Credentials flow. You will need to configure both to call your API.

See the documentation below:
https://auth0.com/docs/authorization/flows/call-your-api-using-the-client-credentials-flow

Thanks,
Rueben

Kada · November 28, 2023, 9:51am

That’s what I end up doing, thank you !

system · December 12, 2023, 9:52am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.