Validating SPA JWT Tokens in the backend


I’m connecting with github and I want to obtain IDP tokens from management api.

Using this guide Auth0 Python API SDK Quickstarts: Add Authorization to a Flask API application the process goes as follow:

  1. User logins

  1. Use access_token to fetch / on backend
  2. Validate token on backend using public key and referencing custom api

Validation works for M2M tokens but not for SPA tokens.

How do I validate SPA tokens ?


Omitted to mention the audience when requesting the token.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.