IdToken vs AccessTokens and claims access


I’m not sure I get it right.
I have a web application. What token should be used as a bearer token when I’m calling backend from the webbrowser? Front and Backend are in the same domain. And if the answer is access token how should I retrieve claims or other things (like permissions/roles?) stored in id token that may be needed to grant an access to endpoint resources?

This Blog-Post should answer your questions: ID Token and Access Token: What’s the Difference?

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.