I’m using nonces as WordPress uses them. It’s an extra security measure, a hash that is being sent to the server that changes within ever few hours.
If that hash is not there, the request is invalidated.
The page I am working on has many AJAX calls (about 20 or so). Right now, I have a difference unique nonce for each one. Is that necessary? Should I just keep it with one generic “AJAX” nonce used for all the requests?
Unless you’re doing something funky, there’s not much computational overhead in having unique nonces. The added benefit is probably minimal, but I’d say it’s worth leaving it the way you have it.