I have a regular web application created in Auth0. It is integrated with my Next.js web app that allows me register/login/logout. After logging in I receive all the tokens. My Next.js app wants to make secure API calls to my Node.js server.
My question is if I pass the ACCESS_TOKEN Next.js receives after logging in how do I check if the token is valid in Node.js backend I have?
I saw an example with JSON web token public keys provided by regular web app to authorise the JWT (access token?). Not sure if that’s what I need in this case though as it is still not working for me. Usage:
const jwtCheck = jwt({
secret: jwks.expressJwtSecret({
cache: true,
rateLimit: true,
jwksRequestsPerMinute: 5,
jwksUri: "https://dev-XXXXX-x.us.auth0.com/.well-known/jwks.json",
}),
audience: "https://www.XXXX.com",
issuer: "https://dev-XXXX.us.auth0.com/",
algorithms: ["RS256"],
});
let app = express();
app.use(jwtCheck);
Any help or guidance is deeply appreciated, thanks!