You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I think its best and less error prone to just deny access to opaque tokens.
this will break backwards compatibility for some but hopefully most uses an audience to specify the API that the access token is for, which makes the access token to a verifiable jwt token. https://community.auth0.com/t/why-is-my-access-token-not-a-jwt/31028
If you want to configure the traefik-forward-auth without using an API, create an Default API and set for the tenant to be sure that the access_token always is a verifiable jwt token
The text was updated successfully, but these errors were encountered:
After asking for help on the Auth0 community board I get the following advice.
https://community.auth0.com/t/how-to-verify-a-if-access-token/30840/2
I think its best and less error prone to just deny access to opaque tokens.
this will break backwards compatibility for some but hopefully most uses an audience to specify the API that the access token is for, which makes the access token to a verifiable jwt token.
https://community.auth0.com/t/why-is-my-access-token-not-a-jwt/31028
If you want to configure the traefik-forward-auth without using an API, create an Default API and set for the tenant to be sure that the access_token always is a verifiable jwt token
The text was updated successfully, but these errors were encountered: