Hello, I wanted to deeper understand when to use
Personal Access Tokens on Passport.
From Laravel docs:
Sometimes, your users may want to issue access tokens to themselves without going through the typical authorization code redirect flow. Allowing users to issue tokens to themselves via your application's UI can be useful for allowing users to experiment with your API or may serve as a simpler approach to issuing access tokens in general.
I understand that the first purpose is for testing or experimenting with the API, but the second "simpler approach to issuing access tokens in general" why would I need to issue an access token if not for testing or experimenting?
If I wanted to consume an API trough an SPA, this approach is good enough? What would be the weak points?