I have a react webapp, which I’m using to service my frontend, and another Java API Backend.
I’m currently using
@auth0/nextjs-auth0 to get user information from Auth0, which is working well.
access_token is being stored in the user session, and I can use it in the
Bearer header to call my API.
But I’m not sure what the Java backend is supposed to do with the token!
Do I make a call to Auth0 to confirm if this token is valid?
Do I call GetUserInfo?
Do I use the Management API Access Token?
Not quite sure how to proceed at this point.