Question: How can I test and debug access tokens / ID tokens?
The Authentication API Debugger Extension is a great tool for easily creating and configuring token requests. It allows you to craft requests directly in the UI and test parameters like audience, scope, and prompt. You can use it to request access tokens, ID tokens, and refresh tokens.
Then, configure your token requests. (For example, add an audience parameter to request a JWT to be consumed by your custom API.)
Finally, log in by clicking the OAuth2 / OIDC Login button.
Once you logged in and created a session, you shouldn’t have to enter your credentials on subsequent token requests.
If you see an error when loading the extension, try logging out of your tenant and logging back in.
If you have a JWT you can inspect it with jwt.io, a JWT debugger brought to you by Auth0.
Here is an example JWT:
If you have an opaque token then it cannot be inspected. To request a JWT follow this guide.
Here is an example opaque token: