Why separation matters
Isolation prevents sandbox traffic from polluting production logs and keeps policies aligned with risk.
Recommended setup
Use separate projects for sandbox and production, with dedicated OAuth/OIDC applications for each.
Operational tips
Document your promotion flow and keep tenant IDs stable across environments.