Validate access token that were created in another IDP


I wish to implement the following architecture:

  1. My_IDP (implemented using Auhtlib) generate an access token using a custom grant
  2. The user sends this token in the security header as a Bearer token to API_A which then validates that token with Auth0
  3. Auth0 receives that token and validates it against My_IDP

I’m guessing that this architecture is possible since I noticed that:

However Authlib doesn’t implement the Discover Endpoint (.well-known/openid-configurati_on) so I need to do it myself. What information does Auth0 requires from that endpoint so it can validate a token? Thanks

Hi @yotamb,

Welcome to the Auth0 Community!

Usually you can validate the token without having to reach out to Auth0. JWT tokens contain a signature that your API_A can use to verify the token. Take a look at common libraries at

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.