I think I figured this out. I added audience to the client and the backend and not we get a typical JWT on the backend.
Previously we got an encrypted JWT.
What would be the typical pattern for a backend service with an Encrypted JWT? There’s no way to decrypt it without the keys. Is there an Auth0 API to call?