I have the following scenario.
A single-page Angular 6.x app calls Auth0 to authenticate. Then it calls the User Info endpoint and obtains the role of the user.
This works fine as documented in the link https://auth0.com/docs/api/authentication#get-user-info
Now I need to call the API server, which is in Node.js and uses Express, using this access token. I was able to do that: the token is received in the API server and I was able to validate it.
Since I need to know the user’s role, which is not present in the access token, I need to make the same UserInfo call in the API server that was done in the web app. I tried calling the following URL
https://[myclientid].auth0.com/userinfo and passing the obtained access token in the header. Whatever I do, it says
I need to know what’s inside
`webAuth.client.userInfo(authResult.accessToken, function(err, user))` so that I can make the call manually using an existing token.
How do I use the token obtained from the web app to call the user info to obtain the user role?
If the flow is not correct, can I obtain the correct way to do this?
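
The server-side call asked about above, as an added example that is not part of the original post: the API server sends the access token to `/userinfo` as a Bearer `Authorization` header and reads the role from the returned profile. The tenant domain, the role claim name and the stubbed response used here are assumptions for illustration.

```javascript
// Added example (not from the original post). Names marked hypothetical are assumptions.

// Build the GET /userinfo request. The token travels in a Bearer Authorization
// header; rejecting anything outside the RFC 6750 token alphabet keeps CR/LF
// and spaces out of the outgoing header.
function buildUserInfoRequest(domain, accessToken) {
  if (!/^[A-Za-z0-9._~+\/-]+=*$/.test(accessToken || '')) {
    throw new Error('access token is missing or malformed');
  }
  return {
    url: `https://${domain}/userinfo`,
    options: { method: 'GET', headers: { Authorization: `Bearer ${accessToken}` } },
  };
}

// Read roles from a custom claim in the profile. The claim name is hypothetical:
// the profile only carries roles if the tenant is configured to add them.
function extractRoles(profile, roleClaim) {
  const value = profile ? profile[roleClaim] : undefined;
  if (value === undefined || value === null) return [];
  return Array.isArray(value) ? value.map(String) : [String(value)];
}

// Call /userinfo and return the roles. fetchImpl is injectable so the function
// can be exercised offline; by default it uses the global fetch of Node 18+.
async function getUserRoles(domain, accessToken, roleClaim, fetchImpl = globalThis.fetch) {
  const { url, options } = buildUserInfoRequest(domain, accessToken);
  const res = await fetchImpl(url, options);
  if (res.status === 401) throw new Error('userinfo rejected the token (401)');
  if (res.status === 429) throw new Error('userinfo rate limit hit (429)');
  if (!res.ok) throw new Error(`userinfo failed with HTTP ${res.status}`);
  return extractRoles(await res.json(), roleClaim);
}

// Constructed stub standing in for the Auth0 response (sample data, not real output).
const stubFetch = async () => ({
  status: 200,
  ok: true,
  json: async () => ({ sub: 'auth0|sample', 'https://example.com/roles': ['admin', 'editor'] }),
});
```

Auth0 documents that `/userinfo` only accepts an access token that was granted the `openid` scope, so a 401 from this call is worth checking against the scopes the SPA requested.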