I have a non-interactive client setup in auth0 that has the client credentials grant type and it uses the RS256 algorithm. Does the API have to go back to the auth0 token endpoint to validate the token?
Hi @dan.hoenig,
You could get better help if you can elaborate your query a little.
As per my understanding, you can also validate the token at your server-end using the libraries provided by Auth0, depending on the technology used.
Here is the doc for quick reference.