I’ve got a Vue SPA working with a Laravel API. I’m using the implicit flow and everything works. I can authenticate the client, get tokens on the client, send them to my laravel api and authenticate against the api. No problems there.
But I cannot get the user profile information on the API side. I need it to do some checks on the user and to make sure the user is accessing the correct resources based on email address or whatever.
Tried. Auth0::getUser() but that just returns 1.
If I have a valid user with an access token, how should I get the user profile information from the OOID? (email, name, etc) Do I have to use the management API? If so, does that mean that every time I validate a token on the api side, I need to check with the management API to re-pull the credentials?