I’m using the Lock library, and it provides me with JWT’s. This is working great.
I’m curious though how to have Auth0 encrypt the token. I was expecting to find a setting on my client settings in Auth0, like and “Encrypt tokens” toggle or something. I can actually find almost nothing about JWE’s on the web except for RFC 7516. I can’t find any documentation from Auth0 about how to enable such a setting. Can you help me? Are they just not really commonly used?
I THINK encrypting them isn’t necessary, as my site is using HTTPS. Is that right?