What is the difference between id_token and access_token in Auth0

OpenID Connect is built on top of OAuth2.

  • An access_token is useful to call certain APIs in Auth0 (e.g. /userinfo) or an API you define in Auth0.
  • An id_token is a JWT and represents the logged in user. It is often used by your app.
  • A refresh_token (only to be used by a mobile/desktop app) doesn’t expire (but is revokable) and it allows you to obtain freshly minted access_tokens and id_token.

Leave a Comment

Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)