How to use opaque token in Flask Backend?

I’m logging my users in using Auth0 and getting back an opaque token which I’m passing on to Flask backend API.

  • How do I validate these opaque tokens?
  • How do I protect every request?
  • How to I get user info on every request?

Hi @aravind0136,

Welcome to the Community!

An opaque token is intended to be exchanged for a user profile via the /userprofile endpoint.

If you want to secure the requests between your web app and a backend API, you will want to receive a JWT token that can be verified by your application. To return a JWT, you need to specify and audience when you request the token (the audience will be the API consuming the token).

Here is an FAQ about it:

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.