How to validate opaque access token?

bryce.wayne.person · December 12, 2024, 11:35am

Could you please tell me how to implement validation for signature of opaque access token?

Standard web application. Frontend+Backend(Golang).
Regular Web Application in auth0 dashboard. Using authorization code flow.
I am implementing this scenario:

The user registered through the login page (passed the authorization code flow). The resulting opaque access token backend save in a cookie. And also i save refresh token for this access token in database.
Next, all API requests from the frontend are sent with the received opaque access token in cookie.
For each API request from the frontend like this, backend do this: validate the access token(signature) from the cookie → see if it is expired → if it is expired, then refresh it using refresh token. And set new access token in cookie. P.S. Refresh token rotation is on of course.

bryce.wayne.person · December 13, 2024, 5:37pm

Hi!
Could you help me please
i can not implement my scenario because of opaque access token

dawid.matuszczyk · December 16, 2024, 2:48pm

Hi @bryce.wayne.person

Welcome back to the Auth0 Community!

I’ve answered to your questions under your other topic → How to set up a authorization code flow correctly? - #3 by dawid.matuszczyk

Thanks
Dawid

Topic		Replies	Views
How to set up a authorization code flow correctly? Help login-experience , new-universal-login-experience	5	58	December 17, 2024
How to validate token from using "Login Using the Authorization Code Flow" Help	2	1675	December 21, 2022
Authorization Code Flow Implementation: Access Token vs Cookie-Based Authentication from Browser Help	2	6042	September 1, 2022
How to verify a if access token Help access-token	2	6562	October 2, 2019
How can i get a valid jwt accessToken in Regular Web Application? Help configuration , application	4	57	December 19, 2024

How to validate opaque access token?

Related topics