Happy to help!
The access token is used to call an API - Typically, this is added as a header in a request to an external API at which point the API verifies it and additionally checks for permissions. Some libraries that do this can be found here.
You can technically use the Authentication API to carry out most login functionality typically managed by Auth0 SDKS - The API will return tokens, but storage would be entirely up to you at that point without an SDK.