Access_token using pkce

Hi,
I am understanding the way to create access_token using pkce.
I found this link: https://auth0.com/docs/api-auth/grant/authorization-code-pkce
I notices that the access token which gets generated by this process doesn’t seems to be a JWT token. How do we generate a JWT tocken using pkce?

Thanks

According to the access token document:

  • If the audience is set to
    {YOUR_AUTH0_DOMAIN}/userinfo, then
    the Access Token will be an opaque
    string.
  • If the audience is set to the unique
    identifier of a custom API, then the
    Access Token will be a JSON Web Token
    (JWT).

Also, when the audience is set to a custom API and the scope parameter includes the openid value, then the generated Access Token will be a JWT valid for both retrieving the user’s profile and for accessing the custom API.

For more information about creating and configuring an API in Auth0, see: https://auth0.com/docs/apis#how-to-configure-an-api-in-auth0

You should also check the OIDC Conformant switch, located in the client’s advanced settings. See this for more info: https://auth0.com/docs/api-auth/tutorials/adoption/oidc-conformant

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.