Hello, unfortunately my latest post was forgotten somehow…
(Auth0 resource owner password flow - #16 by joseantonio.rey)
By the way I still have questions:
- Do you provide along with the enterprise subscription a technical advisor or consultant?
- Why the auth0-js SDK does not implement the refresh token revoke API?
- I can’t still understand the difference between the access token and the ID token. Both are JWT and i believe both(?) needs to be verify on the BE side when they are received from Auth0. My understanding is that the access token is used to check authN/Z for my BE API. In the meanwhile the ID token is used by my client FE application in order to draw the UI.
Thanks in advance