My application is built in PHP and uses auth0/auth0-php. Just found when OIDC Conformant is enabled, it’s unable to decode id_token. The code for decoding is like -
$verifier = new \Auth0\SDK\JWTVerifier([ 'valid_audiences' => [$config->client_id], 'client_secret' => base64_encode($config->client_secret) ]); $tokenInfo = $verifier->verifyAndDecode($input['id_token']);
If I disable OIDC Conformant, it is able to decode id_token successfully.
I am using HS256 as JsonWebToken Signature Algorithm. Is there anything I am missing for decoding id_token?