abcd
@disqus_KFqipLUsW6:disqus is it true that we have to modify this application to validate the JWT. Based on the link you shared, we either have to cache the key to see if token signature is valid or use the remote okta call to achieve the same?
@Andrew is my understanding correct?