Access token is not easily checked

When I get an accessToken in my SPA using (any library), well first I used auth0.js, now I’m using the auth0js-react with the useAuth0() hook,
I call “getAccessTokenSilently()”, however the accessToken has more than two periods (.) in it, and seemingly no payload. Neither the jwt.decode() works on it nor the JWT inspector at https://jwt.io/

Here is an accessToken I received:

eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIiwiaXNzIjoiaHR0cHM6Ly96dW0tZGV2LnVzLmF1dGgwLmNvbS8ifQ..JiLc-p0QodSSYc7b.t47KhJ_T4jO0lsq_W8ueNmmUyWFsak_Ft2b2Om6StcF9mjQRI7Pi9WEpARBcS5P2lyzHXk5pvzPOn9ogdGaY8SD7xbAlDLcxdko1GHtQ1Kb7H5OjYsF39CDFY9FsCPbm0WBp31x3KHTNmgX2KLpoa_VEP1CRG0ud_4lAJDFyOpWdwyUFz9Gjck_PUhgzjoRoie5FnHP_owHZIK0SQnWGsNeg6nRzRx04kJUoUeSr6xlasahMbZRfQttGYUme0-hv-vrgRfiBo6LPoNY9B1LpZzbceAO12TogZ6G6cQsN_o51HsoGF72Ng_8iq52AVjQixwJ6GjQ1QFRWvxin8DthReRquiCOzunur09IYAZ6WDOC8fPjw-xtRklukAglWHsGh3H00NFgfp9O2GiQ3IdiRuMT3tdnIAzFytzn9_MZd26FsjBoKgjm2ZPmlmJValF0Psb8BvJ75uZGNMW_slfXKYizKb2GARwHJTTtByx0lMG98R56wy7zOR6KU7--G1WO5Cc3NbskCUYgnHKhb_871YLzDgiTpWsUFk802ry4vJHEeOB1ALk7uwnXthaqAZKc_w4Hk0eF2CTGxjJsE6u2Iyg_.sXkTNIlzcApec1gPrO-SeA

It doesn’t decode at all. Frankly I don’t know how it works or how to decode it or verify it.

Hi @cthomas

Make sure you are passing an audience when you request the access token.
That is most likely an opaque access token for the /userinfo endpoint, and you get that when you don’t specify an audience.

John