Does verifying a JWT in API middleware always hit the Auth0 servers?

Im trying to understand the delays inherent in using the auth JWT middleware (express). Does it always make a trip to the Auth0 servers when validating the tokens on each request?

Hi Jeff,

As long as the middleware caches the verification keys, you do NOT make a trip to the Auth0 servers, except for the very first token verification. On the first token, it retrieves the key, and then caches it and uses it.



Thank you for helping on this one John!

Great! I guess that the auth0 express middleware sdk will do that caching. Thanks!


This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.