Hey there @roy.manotosh welcome to the community!
You’ll notice that the access token shared from the auth code flow isn’t decoded - This is due to the fact that the when authenticating via the auth code flow there is no audience param being passed and thus the access token returned is opaque.
For auth0-react
in particular you will need to pass an audience
param as a part of AuthorizationParams in Auth0Provider
. Once the audience is included, you should be able to decode the access token returned at jwt.io and your API should be able to validate it as well.