Need of reference token

Reference token should be available along with introspect endpoint.

Currently, as per Auth0 documentation, opaque token is same as reference token, but if we look at reference token of other provider eg. ‘Identity Server’ then reference token is just an identifier whereas Auth0 opaque token is not just identifier instead it store claims information. Size of opaque token get increased if we add more custom claims.

Reference Tokens — IdentityServer4 1.0.0 documentation

Currently, if we need to add custom claims in access token then there are payload size limitation and also it will cause performance issue. So, if we get an token identifier then we can just share token identifier with APIs and from there we can validate token and get complete payload of the token.

Hey there!

Thanks for creating this feedback card. Don’t forget to upvote it so that it attracts as much attraction as possible. Basically we review the Feedback category on a monthly basis with our Product team so let’s see maybe your item will be added to the backlog next! Good luck!