Hi, How do I verify that an access token and a id-token is actually related? I see that google has a hash of the access token related to the id token as a claim to be able to check that they are related to each other. Has Auth0 something similar? I’m creating a auth proxy server for a load balanc…

Verify that the access token and id token is actually related to each other

dan.woda September 17, 2019, 9:34pm 2

I am assuming this is somewhat related to your other topic.

If you get a JWT rather than an opaque token, you can verify the user of the token via the sub claim.

See JWT claims here:

Hope this helps!

Dan

1 Like

Topic		Replies	Views
Basic Auth0 question about JWT id_tokens and Universal Login flow Help login-experience , new-universal-login-experience	4	634	September 7, 2023
How to verify a if access token Help access-token	2	6538	October 2, 2019
Using access_tokens and id_tokens together Auth0 Help jwt , auth0 , login	3	3389	September 3, 2019
Confusion around how to use id_token and access_token Help id_token , access-token	7	13062	March 2, 2018
Appropriate token usage for 1p webapp Help jwt , oidc , access-token , id-token	2	2131	September 27, 2022