I need a workflow for authentication. I have vue js spa front end and node js express api backend. I want to do sign in and sign up the user using auth0. But when I call auth0.loginPopup and after successful sign in i get user data, and after that when i call auth0.isAuthenticated its true.
But I need a flow in which after successful auth0.loginPopup, need to pass that access token to my backend api and check whether user exist or not and create user of not exist using the user data in access token after verification. If calling to my backend api fails, auth0.isAuthenticated should be also false. My backend will generate a new jwt token after successful verification.
How to do the above flow like we do for api based apps
I got an access token after successful authentication. Its not jwt may be opaque token. My question is how to verify that token from my api so that i can create the user in my db? Is it ok to call the userinfo endpoint and if response is successful do the user signup or signin in backend?