"Hello everyone,
I am currently implementing Social Sign-in using Auth0 (without using Universal Login).
My issue is that I want to validate the ID Token received from the mobile side on my backend, perform the auth checks, and then issue an Access Token and Refresh Token back to the mobile app.
I’ve researched this and found a grant type called ‘Custom Token Exchange,’ but apparently, it is only available for B2B/Enterprise plans. Is there any other way to achieve this? How do people usually handle this?
At the moment, I am considering just generating a custom JWT directly from my own app/backend. Any advice?"