I am building an API, which is exclusively M2M - it never has any humans using it - so am using the client credentials flow.
My client retrieves the access_token, and can include it as a bearer to my API application.
I am hoping to use remote validation, rather than validating the token in my application. According to their documentation, Okta supports this with the token introspection endpoint. It returns “active”.
Is such a thing available with Auth0?
I was following documentation describing how to set this up with Okta, and the Okta website pushed me towards Auth0, so I get the impression Auth0 is going to replace Okta?