I have my own private backend, set up on AWS, running Django. Now, I’ve followed the single page spk auth0 tutorial, and can currently log in, receive what I believe is an opaque token, pass it to my backend, and have my backend call the authentication api using the userinfo url. What I receive is a string of attributes missing their corresponding values (IE I receive the string ‘emailnamenicknamepic…’(or something like that, I don’t currently have the string on me)). I assume I haven’t received a proper jwt bc I haven’t set the audience attribute in the authModule, which leads me to my first problem.
I have no idea what to set the audience attribute to. I set up a custom API in auth0, but I have no idea what that is, or what it does, and if I should set the audience attribute to its url. There already seems to be an authentication api set up for me, so I’m confused as to why I have the option of adding more APIs. I just need a token I can pass to my backend which my backend can use to authenticate the user. Should I set the audience attribute to my own, private backend url?
As you can see, I’m very confused about the role APIs play in Auth0. At a very basic level, all I want is to generate jwts I can cross-check with Auth0 to verify the identity of a user, and to retrieve usernames for that user from Auth0. I already have my own private database established, so I don’t need more interaction with Auth0 beyond this. Any help clarifying all this confusion would be greatly appreciated.