SPA/API and getting user information on the server


My environment includes a Vue JS front end and Dotnet Core backend.

I am using the Auth0 Spa SDK.

I can login and get an access token, view the user information, etc on the client.

However, I want to create a new user on the server if they are not registered. It feels like I don’t want to pass the user information from the client because it could be edited.

What is the best approach to get the user information down to the server after the SPA as authenticated?

Thank you,

Hi @martin.d.weel,

Welcome to the Auth0 Community!

The Access Token can be sent to your backend and is signed to prevent tampering.