P E N C I L
Login
Tokens

ID Token

The ID Token is a JSON Web Token (JWT) that contains user profile information (such as the user's name and email) which is represented in the form of claims.

TImeout is set in Application > JWT Expiration

{authResult} = {idToken, idTokenPayload={exp}}

Tokens that conform to the JSON Web Token standard and contain information about an entity in the form of claims. They are self-contained in that it is not necessary for the recipient to call a server to validate the token.

Access Token

Is Opaque token

Timeout is set in API > Token Expiration For Browser

{authResult} = {accessToken, expiresIn}

Obtains by https://YOUR_DOMAIN/authorize?response_type=token

Refresh token

How to verify token

https://auth0.com/docs/api-auth/tutorials/verify-access-token#verify-the-signature

https://eevdokimov.auth0.com/jwks/.well-known/jwks.json

References

1. https://auth0.com/docs/tokens