Hi I have been using the new version 9.2.2 for about a two weeks, everything was working perfectly. Yesterday however I created a new user logged in everything was fine, then all of a sudden I started getting unauthorized results back from my server. I investigated and found that my the access_token was way to short about the size of a regular guid. I logged out and back in and everything was ok again but this has me quite concerned. What caused the short access token to be returned?
Each time I refreshed the page auth0.js also said that I was authenticated even with this short access token. This should not be happing, also worrying that it’s not easy to reproduce? I have definitely got my audience set so I should be getting back a JWT every single time with no exceptions but now twice in a month I have received an opaque token instead of a JWT.