We are trying to implement the Blacklist API following this documentation :
https://auth0.com/docs/api-auth/blacklists-vs-grants#blacklists it ask to add a rule to add the JTI claim to the user.
The documentation explicitely say:
“Auth0-issued tokens are JWTs so you can set the JWT ID, or
jti , for the token by including it in the token payload’s
jwtid field. With the
jti in hand, you can make the appropriate
POST call to the Management API’s blacklist a token.”
But we can’t find a way to get this JTI once the rule is applied, it’s not in the JWTs generated by Auth0, it’s not in the user profile.
Where should we get it after to be able to launch the POST request ?
I’ve found a topic of someone asking the same question, but he didn’t have any answer from Auth0 setting jti in tokens with Auth0 Management API v2