I’m logging my users in using Auth0 and getting back an opaque token which I’m passing on to Flask backend API.
- How do I validate these opaque tokens?
- How do I protect every request?
- How to I get user info on every request?
Hi @aravind0136,
Welcome to the Community!
An opaque token is intended to be exchanged for a user profile via the /userprofile endpoint.
If you want to secure the requests between your web app and a backend API, you will want to receive a JWT token that can be verified by your application. To return a JWT, you need to specify and audience when you request the token (the audience will be the API consuming the token).
Here is an FAQ about it:
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.