Previously, users could only generate a single key for a given application, which meant the same credentials were used for both production and non-production environments.
To address this security issue, now two different keys can be generated for an application. The production key can be used to invoke the production URL, while the sandbox key can be used to invoke the sandbox and other URLs for lower environments.