I have an Angular SPA on the frontend and a Python Flask API on the backend. I’m using Auth0 to authenticate the user. So on the frontend the user logs in and uses the user information to interact with the backend API.
What I want to do is to send the sub claim of the JWT and the user’s name in each request to the API. The API will then store the sub claim as the user’s id and the user’s name so it can identify the user.
Is this the most efficient way of doing it or am I missing something? Is it also secure storing the user’s name with the sub claim in my database?