I’m not sure yet if this is a bug, perhaps I can workaround it with config. But here is my issue:
My IdProvider issues an opaque access_token
, but it appears okta-auth-js tries to decode access_token as JWT if it finds it, and throws an exception if it fails to decode.
However, from the auth0 blog:
Looking at the source code, I don’t think I can prevent this from happening. Is it a bug? Or have I missed something in my understanding?