Access_token or id_token

patrickcorrigan7 · November 16, 2020, 11:02pm

I’m trying to implement a single page application and an API

My single page application has google as an authentication method.

My frontend makes a request to https://blah.eu.auth0.com/oauth/token and gives me back

an access_token which is a 32 char token and an id_token which seems to be a jwt token that contains my google information.

Which of these should I send to my backend. Should I send the access token and then use that to get the user id? Or the jwt token and decode it to get the userId

dan.woda · November 16, 2020, 11:27pm

Hi @patrickcorrigan7,

If you are looking to send your backend API an access token you should register it and add the identifier as the token audience. Here is an FAQ about it:

patrickcorrigan7 · December 1, 2020, 3:28am

Thank you This worked

system · December 16, 2020, 3:28am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Getting user' id from auth API Get Help	2	8431	November 15, 2019
Confusion around how to use id_token and access_token Get Help id_token , access-token	7	13236	March 2, 2018
Authentication with SPA and API Get Help jwt , auth0	2	4078	September 17, 2020
Appropriate token usage for 1p webapp Get Help jwt , oidc , access-token , id-token	2	2148	September 27, 2022
Is the ID_TOKEN issued as part of the login process guaranteed to be in JWT format? Get Help	4	2771	June 11, 2020

Access_token or id_token

Related topics