Exchange Facebook token for Auth0 JWT

@geofflancaster, @arturhaddad:

tl;dr: If JWT format is not sent to your client, it’s because you probably don’t have an audience specified.

An access token can be dispensed in one of two formats: JWT or opaque. You will not be able to validate an opaque token without the /userinfo endpoint. A JWT token can be validated on a client.

When making a request, be sure to include an audience field along with the domain, client ID and responseType.

More on how to validate JWT tokens here and here.

More on why Auth0 assumes it will need an opaque token without an audience here.

Hope this helps. Please reach out with any questions.
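Added example, not part of the original post or Auth0's code: a small Node.js diagnostic that tells whether an access token came back as a JWT or as an opaque string and, for a JWT, whether its `aud` claim contains the audience that was requested. The function names, the audience URL and both sample tokens are constructed for illustration; decoding here only inspects the claims and does not verify the signature.

```javascript
// Inspection only: a token must still have its signature verified
// against the tenant's signing keys before any claim is trusted.
function b64urlToJson(segment) {
  const b64 = segment.replace(/-/g, "+").replace(/_/g, "/");
  const value = JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
  if (value === null || typeof value !== "object") throw new Error("not a JSON object");
  return value;
}

// Returns { format: "jwt" | "opaque", ... } for a raw access token string.
function inspectAccessToken(token, expectedAudience, nowSeconds) {
  const parts = typeof token === "string" ? token.split(".") : [];
  if (parts.length !== 3 || parts.some((p) => !/^[A-Za-z0-9_-]+$/.test(p))) {
    return { format: "opaque", hint: "no audience in the request? validate via /userinfo" };
  }
  let header, claims;
  try {
    header = b64urlToJson(parts[0]);
    claims = b64urlToJson(parts[1]);
  } catch (e) {
    return { format: "opaque", hint: "segments are not base64url JSON" };
  }
  // `aud` may be a single string or an array of strings.
  const aud = [].concat(claims.aud === undefined ? [] : claims.aud);
  return {
    format: "jwt",
    alg: header.alg,
    audienceMatches: aud.includes(expectedAudience),
    // A JWT without a numeric `exp` is reported as expired (fail closed).
    expired: typeof claims.exp === "number" ? claims.exp <= nowSeconds : true,
  };
}

// Constructed sample tokens (not real credentials; the signature is a dummy).
function makeSampleJwt(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return [enc({ alg: "RS256", typ: "JWT" }), enc(claims), "c2lnbmF0dXJl"].join(".");
}
const SAMPLE_AUDIENCE = "https://api.example.com"; // hypothetical API identifier
const sampleJwt = makeSampleJwt({ aud: [SAMPLE_AUDIENCE], exp: 2000000000 });
const sampleOpaque = "kJ8sX2vQ0aZr7Lm_constructedOpaque";

console.log(inspectAccessToken(sampleJwt, SAMPLE_AUDIENCE, 1700000000));
console.log(inspectAccessToken(sampleOpaque, SAMPLE_AUDIENCE, 1700000000));
```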