Hey there,
I’m a bit confused by the difference between machine 2 machine application and API in Auth0
I have a NextJS frontend and a Golang monolith backend
So far, I’ve created one SPA Application in Auth0 for the frontend, and one Auth0 API for the backend, and I’m using the corresponding client ID/audience as environment variables for both
Right now, I’m implementing new methods in the backend that use the Auth0 Management API with auth0/go-auth0
But for this to work, I need a Client Secret, which is not available for an Auth0 API:
auth0API, err := management.New(
.Auth0_domain,
management.WithClientCredentials(
context.TODO(),
Auth0_client_id,
Auth0_client_secret,
),
)
Did I miss something ? Should I use an M2M App for my backend instead of an Auth0 API?