I wonder if you can define if this flow is right:
My Front App calls my Back service to log in, I redirect him to Auth0, he logs in and Auth0 calls my backend callback endpoint. I get a JWT token, which has the user info. I pass this token to the Front App, and every time the Front calls the Back services, I validate this token against Auth0.
I wonder if I can validate the Auth0 token without calling their API (cos it takes time + high latency of calls per API), or do I need to sign my own JWT token and manage it against the Front App?
What is the best solution?