I want to use Auth0 together with opaque tokens. According to the spec for OAuth Introspection opaque tokens should be validated at the authorization server using the introspection endpoint.
Unfortunately, Auth0 does not provide an introspection endpoint. How can I validate opaque tokens?
Is it planned to add support for token introspection or token revocation?
For some customers of mine, JWT tokens must not be used, for example, due to privacy reasons