What is the difference of using API token and SPA token

Hi, I’m following this guide
https://auth0.com/blog/modern-full-stack-development-with-nestjs-react-typescript-and-mongodb-part-1/
https://auth0.com/blog/modern-full-stack-development-with-nestjs-react-typescript-and-mongodb-part-2/

In part one, an API section was selected and created, and a test application was created automatically, let’s say it is BlogApi(Test Application).

The backend side uses the clientId, domain, and audience configured by BlogAp(Test Application).

In part two, the Application selected and created an application called Blog. At the frontend side, the guide uses the domain, audience, and client of Blog Application.

I’m confused about why we need to use two types of Applications here, and how can I deploy it in the production version of the project in the guide.

Many thanks.

Hi @TitanMikasa,

The test application is used for testing your API. It is typically used by the tools built in to the dashboard. You could theoretically use this for your application, but I would advise you to create a new application as it is stated in the blog.

This creates a separation (different client ids/secrets) between requests that are coming from you testing the API in the dashboard, and the requests from your other apps, prod/dev/staging/etc.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.