I have a hard time figuring out the purpose of APIs (that are created in Auth0 dashboard).
What do I need the APIs for? How the APIs are different from Applications? How to use it?
Hi there @rdruzhkov and welcome to the community!
The primary difference between the two is that an “API” as defined in Auth0 will logically represent your backend/API via the API Identifier also known as the audience whereas the Application as defined in Auth0 will provide the client_id, secret, etc. you’ll use to configure a client.
The following docs provide some more context on this relationship for example:
Hope this helps to clarify!
1 Like
Hi @ty.frith , thank you for the response!
So the main goal of having an API is to create audience value that will allow to the backend/API to understand if the id_token, access_token etc are intended to be used by the backend/API. Am I right?
If I’m right then why can’t we use application client_id as audience? I know that my backend/API is going to be used by the application. So it seems to me that on the backend/API side I can validate audience by checking if it’s equal to application client_id, since my application is allowed to interact with backend/API.
1 Like
Hey there @rdruzhkov! I apologize for the delayed response on this one, but wanted to get back to you nonetheless.
That is exactly right.
You might be able to use the client_id as the audience as it’s just an identifier although I cannot confirm there won’t be any issues with this approach and don’t recommend 
2 Likes
Thank you for the provided information!
1 Like
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.