Hi. I am using Play Silhouette with Auth0 provider. When the user tries to login to my application, the backend calls Auth0 API ("
https://mydomain.auth0.com/oauth/ro") to sign in through username and password. Since the authentication is successful, the backend receives an access_token from Auth0.
Now, the user should receive a token that will be used when calling other services of my application.
Should I generate a new token or forward the access_token received by Auth0? In the second case, how can I validate the access token without calling an Auth0 API?
Thanks in advance.
Mattia