This is really embarrassing question to ask as I assume what I want to accomplish is a basic tenant to authentication/authorization workflow. I have searched everything I can online and I think the problem is that I don’t know the correct question to ask. So please bear with me.
I have an Auth0 account and an application (React APP) that is correctly handling authentication. The React app makes API (POST) calls to my Python API (Sanic app if that matters).
I think I want to use RS256. I am passing the id token that my client web app gives me that correctly validates in jwt.io.
My python API correctly gets this token in the authorization bearer header.
Now… how do I validate this token?
I have tried sanic-jwt, pyjwt and a few others and I am unable to get anything other than a incorrect algorithm, or some other 400 (bad request) error.
Please post general steps or a link to how I should validate this token on my python api server side.